administrators (basic)

La liste de blocage est une des mesure de Sécurité qui peut être prise pour protéger votre wiki des envois indésirés.

la liste de blocage par défaut est uniquement activée dans la version beta; pas dans la version stable, voir (en anglais) Archive.Blocklist?

Malheureusement, la possibilité d'édition ouverte à tous de nombreux wiki en fait des cibles attirante pour les "link spam" ou "wikispam", en ajoutant des liens dans les pages dans un effort pour améliorer le référencement de certains sites ou renvoyer le trafic vers d'autres sites. Aussi, beaucoup de spammeurs de liens ont développé des systèmes automatisés pour identifier les sites acceptant une édition par des visiteurs et tender d'inonder le site avec des liens indésirés.
Aussi, ce qui est plus difficile à contrôler, est simplement le vandalisme wiki ou des modifications sans objet sont faites, souvent en remplacant des pages entières.

La meilleure solution pour bloquer le wikispam est de restreindre l'édition par l'utilisation de mots de passe (voir Mots de passe et Administration des mots de passe). L'expérience montre que les mots de passes peuvent être efficace même si le mot de passe est largement diffusé, et m^me si le mot de passe est publiquement disponible sur le site lui-même. Cependant, il y a de nombreux cas ou les mots de passes peuvent être gênants, aussi on souhaite utiliser une forme de liste de blocage.

Base d'une liste de blocage (Blocklist)

A blocklist is a list of IP addresses, phrases, and expressions which are prevented from being added into pages on the website. Pm Wiki is distributed with a built-in blocklisting capability; blocklists can be enabled by adding the following line to local/config.php:

$EnableBlocklist = 1;

This tells Pm Wiki to scan the SiteAdmin.Blocklist? page and the "Site Admin.Blocklist-Farm" page (and possibly other pages -- see below) looking for phrases and IP addresses to be excluded from posting to the site.

Blocking by word or phrase

The simplest form of block is simply a line containing "block:" followed by a word or phrase to be excluded from postings. For example, a line like

in Site Admin.Blocklist will block any posts containing the string "" (case-insensitive) anywhere in the post.

Blocking by IP address

Sometimes we wish to restrict posts coming from particular addresses or address ranges that are known as sources of wikispam. If a blocklist page contains IP addresses of the form "a.b.c.d" or "a.b.c.*", then any posts coming from that address or range will be blocked.

To find an author's IP address, try hovering the mouse over the author name in the page history for a page.

Blocking by regular expression or pattern

Blocking on simple words can sometimes pose difficulties; for example, a simple "block:cial" entry will also block the word "specialist". For these cases it's often helpful to use a regular expression, as in:


This says to block "cial" only if it doesn't occur in the middle of a larger word. The leading slash (/) after "block:" tells Pm Wiki to use a regular expression match instead of a simple string match. (Blocklist uses PCRE or "Perl Compatible Regular Expressions"; see for more information.)

Letting authors know why they've been blocked

By default, blocklist only tells an author that a particular edit has been blocked, but doesn't give a specific reason for the blocking (e.g., the offending phrase). Setting the following in a local customization file will also provide the reasons for the block:

$EnableWhyBlocked = 1;

Managing multiple blocklists

Pm Wiki allows blocklist entries to come from multiple pages by setting the $BlocklistPages variable. By default $Blocklist Pages? is set to "Site Admin.Blocklist", as well as any automatically downloaded blocklists as described below. Pm Wiki will use all entries in all the blocklists for filtering wikispam. Setting a value of $BlocklistPages changes the default:

$BlocklistPages = array('Main.Blocklist', 'Pm Wiki Fr.Blocklist');

The order of blocklists really doesn't matter -- all of the blocklist
pages ultimately get used, and the unblock: entries are processed
after all of the blocklist pages have been loaded.

Automatically downloaded blocklists

Maintaining blocklists is relatively easy to do, but can become tedious over time. Several groups have formed and maintain "shared blocklists", where a common blocklist is made available to all. Pm Wiki's blocklist capability has built-in features for automatically downloading and updating such shared blocklists.

If you're just in a hurry to make use of some standard blocklists, make the following setting in local/config.php:

$EnableBlocklist = 10;

This tells Pm Wiki to not only enable blocklists on the site, but to also configure itself to automatically retrieve and maintain local copies of well-known blocklists such as and MoinMaster. These local copies will be saved in Site Admin.Blocklist-Chonged and Site Admin.Blocklist-Moin Master? and refreshed once per day (as determined by the value of $BlocklistDownloadRefresh).

To automatically retrieve the SiteAdmin.Blocklist? page used at, add the following setting in local/config.php:

$BlocklistDownload["$SiteAdminGroup.Blocklist-PmWiki"] = array('format' => 'pmwiki');

Ignoring specific entries in a blocklist (unblock)

When using a large master blocklist or blocklists automatically refreshed from external sites, it may be that some entries in the blocklists are inappropriate or overeager and block legitimate content. In this case a wikiadministrator can use "unblock" in a blocklist page to ignore an entry from the blocklist. For example, to allow "" even if another blocklist has a block entry for it:

In order for unblocking to work the phrase or pattern following "unblock:" must be exactly the same as the original.

Permissions on blocklist pages

In general, an administrator will want to edit-protect the Site Admin.Blocklist and any other blocklist pages to prevent arbitrary changes to the blocklist (see Passwords). Since most pages in the Site Admin.* group are edit-protected by default anyway, this usually isn't a problem.

Administrators may also wish to read-protect the various blocklist pages so that others do not know the exact phrases and/or IP addresses that are being blocked. (By their nature blocklists tend to contain phrases or terms that may be offensive or inappropriate to some.)

Any pages created via automatic download (see above) are automatically locked against viewing except by administrators.

administrators (intermediate)

Detailed configuration of automatically downloaded blocklists

Automatic downloading of blocklist information is controlled by the $BlocklistDownload array. An entry for Moin Master? might look like:

$BlocklistDownload["$Site Admin Group?.Blocklist-Moin Master?"] = array(
'format' => 'regex',
'refresh' => 86400);

This says to download the blocklist data from the given url into the Site Admin.Blocklist-Moin Master? page, that the entries in the blocklist are regular expressions, and to refresh the information every 86,400 seconds (one day).

If 'refresh' is omitted, then the page will be refreshed at the time interval given by $BlocklistDownloadRefresh (default one day). If 'format' is omitted, the page is assumed to have Pm Wiki-formatted entries as described above. If 'url' is omitted, then the blocklist information is downloaded from a standard location on the site.

To force a refresh of an automatically downloaded blocklist, simply delete the existing page -- a new version will be installed upon the next blocklist scan. Blocklist pages are checked for download in response to any ?action=edit request.

If you are specifying your Blocklist-Pages in the config.php you have to specify the automatically updated pages too, else they won't be updated or created even if you use $EnableBlocklist = 10; .

Farm-wide blocklist

A blocklist can be applied farm-wide (see SharedPages).
After these pages are created they can be moved into the farm shared.d/ directory:

Blocklist Variables

<< | Variables | >>

The following variables help control the configuration and operation of blocklists:

If set to a non-zero value, then blocklists are enabled on the site. If set to a value of ten or higher, then add entries for automatic downloads of standard blocklists.
$EnableBlocklist = 1; # enable blocklists
$EnableBlocklist = 10; # auto-configure standard blocklists

:$EnableWhyBlocked:By default, authors are not told which particular phrases or IP addresses are causing a particular post to be blocked; setting $Enable Why Blocked? to 1 provides this information.

$EnableWhyBlocked = 1; # give reasons for blocking
An array of pages to be checked for blocklist entries. The elements of the array may contain page variables. Defaults to "Site.Blocklist", plus any other automatically downloaded blocklist pages.
The message to provide the author whenever a post has been blocked.

:$BlockedMessagesFmt:If $Enable Why Blocked? is set, defines the text to use for each type of block being performed. Currently only 'ip' and 'text' are recognized.

Blocked Messages Fmt?['ip'] = "IP address blocked from posting: ";
$BlockedMessagesFmt['text'] = "Text blocked from posting: ";
An array of automatically-downloaded blocklists. The keys of the array are the pages in which the blocklists should be stored, the values contain the url, format, and refresh interval for the downloaded blocklist.
  # Download the MoinMaster blocklist every twelve hours
  $BlocklistDownload["$SiteAdminGroup.Blocklist-MoinMaster"] = array(
    'url' => '',
    'format' => 'regex',
    'refresh' => 43200);
  # Download a shared blocklist from every day
  $BlocklistDownload["$SiteAdminGroup.Blocklist-Shared"] = array(
    'format' => 'pmwiki');

:$BlocklistDownloadRefresh:The default refresh interval for any $Blocklist Download? entries that don't explicitly specify a 'refresh' value.

# perform automatic downloads once per week by default
$BlocklistDownloadRefresh = 86400 * 7;
The format to use when saving automatically downloaded blocklists.

:$EnableBlocklistImmediate:Some cookbook recipes update pages with author input but don't use the built-in data posting routines. If $Enable Blocklist Immediate? is set (default) and the current action is listed in $BlocklistActions (below), then an immediate blocklist scan is performed on the incoming text.

:$BlocklistActions:A list of actions for which immediate blocklist checks should be performed (see $Enable Blocklist Immediate? above).

# perform immediate checks for ?action=comment
$BlocklistActions['comment'] = 1;
# perform immediate checks for ?action=postdata
$BlocklistActions['postdata'] = 1;

<< Authentification utilisateur | Documentation Index | Notification par courriel >>

Traduction de PmWiki.Blocklist
Page originale sur PmWikiFr.Blocklist - Référencé par

Dernières modifications:
PmWikiFr.Blocklist: 23/03/2008 à 22:55

PmWiki.Blocklist: 10/09/2011 à 18:08

D'autres actions ou possibilités :

Imprimer la page - Créer le fichier PDF - Consulter les statistiques - Dernières modifications du site
Consulter la page - Editer cette page - Parcourir l'historique - Joindre un fichier - Se connecter/Déconnecter -

Stéphane FONTAINE - -