Wikimore

**MediaWiki extensions manual**
LoginNotify; Release status: stableCategory:Stable extensions
Implementation	User activityCategory:User activity extensions
Description	Notify users of suspicious logins
Author(s)	Brian Wolff (Bawolfftalk)
Latest version	0.1
MediaWiki	>= 1.44
Database changes	Yes
Tables	loginnotify_seen_net
License	MIT License
Download	Download extension ; Git [?]: Browse repository (GitHub); Gerrit code review; Git commit log; Download source tarball; Category:Extensions in Wikimedia version control
	Parameters $wgLoginNotifyExpiryKnownIP; $wgLoginNotifyCacheLoginIPExpiry; $wgLoginNotifyCookieDomain; $wgLoginNotifyUseCheckUser; $wgLoginNotifySeenExpiry; $wgLoginNotifyAttemptsNewIP; $wgLoginNotifyExpiryNewIP; $wgLoginNotifyEnableOnSuccess; $wgLoginNotifyAttemptsKnownIP; $wgLoginNotifyCookieExpire; $wgLoginNotifyDenyUnknownIPs; $wgLoginNotifySeenBucketSize; $wgLoginNotifyUseCentralId; $wgLoginNotifyUseSeenTable; $wgLoginNotifyMaxCookieRecords; $wgLoginNotifyCheckKnownIPs; $wgLoginNotifySecretKey;
	Hooks used AuthManagerLoginAuthenticateAuditCategory:AuthManagerLoginAuthenticateAudit extensions; BeforeCreateEchoEventCategory:BeforeCreateEchoEvent extensions; EchoGetBundleRulesCategory:EchoGetBundleRules extensions; LoadExtensionSchemaUpdatesCategory:LoadExtensionSchemaUpdates extensions; LocalUserCreatedCategory:LocalUserCreated extensions; RecentChange_saveCategory:RecentChange save extensions;
Quarterly downloads	19 (Ranked 98th)
Public wikis using	904 (Ranked 277th)
	Translate the LoginNotify extension if it is available at translatewiki.net
Issues	Open tasks · Report a bug

This extension comes with MediaWiki 1.40 and above. Thus you do not have to download it again. However, you still need to follow the other instructions provided.

Category:Extensions bundled with MediaWiki 1.40 Category:Extensions without a compatibility policy Category:MIT licensed extensionsCategory:All extensions

The LoginNotify extension notifies you when someone logs into your account. It can be configured to give warnings after a certain number of failed login attempts (The number is configurable, and can be different between unknown IPs/devices and known IPs/devices). It can also give Echo notices (which can also be emailed) for successful logins from IPs you don't normally use. It can optionally integrate into the CheckUser extension in order to determine if the login is from an IP address you don't normally use. It can also set a cookie to try and determine if the login is from a device you normally use.

Installation

This extension requires the Echo extension to be installed.

Download and move the extracted LoginNotify folder to your extensions/ directory.
Developers and code contributors should install the extension from Git instead, using:cd extensions/ git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/LoginNotify
Add the following code at the bottom of your LocalSettings.php file:
```
wfLoadExtension( 'LoginNotify' );
```
Configure as required.
Done – Navigate to Special:Version on your wiki to verify that the extension is successfully installed.

This extension can optionally integrate with the CheckUser extension if it is installed, but does not require it.

Usage

Once LoginNotify is installed, whenever a user logs into the wiki, their IP subnet is cached on the server and a cookie named loginnotify_prevlogins is stored in their browser. These tokens, optionally along with CheckUser tables, are used to see if subsequent logins are coming from a known IP/device.

If CentralAuth and CheckUser are installed, it will check the IP not only for the current wiki, but also the ten wikis where the user is most active.

Configuration

Parameters that can be set in the LocalSettings.php file:

Name	Description	Default
`$wgLoginNotifyAttemptsKnownIP`	The number of failed login attempts to permit from a known IP before a notification is triggered.	`10`
`$wgLoginNotifyAttemptsNewIP`	The number of failed login attempts to permit from a new IP before a notification is triggered.	`3`
`$wgLoginNotifyExpiryKnownIP`	The time-to-live of the count of failed login attempts from a known IP (from the time of the first failed attempt).	`604800` (7 days)
`$wgLoginNotifyExpiryNewIP`	The time-to-live of the count of failed login attempts from a new IP (from the time of the first failed attempt).	`1209600` (14 days)
`$wgLoginNotifyCheckKnownIPs`	Whether to trigger a notification after failed logins from known IPs.	`true`
`$wgLoginNotifyEnableOnSuccess`	Whether to trigger a notification after successful logins from unknown IPs.	`true`
`$wgLoginNotifyEnableForPriv`	Set different default notification preferences for different user groups. For user groups that have any of the user rights listed in this array, the preferences specified in Hooks:getOverridenOptions() are on by default. ("Failed login attempts" web notifications and "Login from new computer" web notifications.)	`[ "editinterface", "userrights" ]`
`$wgLoginNotifySecretKey`	Use this key instead of `$wgSecretKey` to generate the HMACs for the cookie.	`null`
`$wgLoginNotifyCookieExpire`	Expiration of the cookie.	`15552000` (180 days)
`$wgLoginNotifyCookieDomain`	To allow sharing login cookies between sites on different subdomains, set this to the parent domain name.	`null`
`$wgLoginNotifyMaxCookieRecords`	Maximum number of users (records) to track as having successfully logged in on a particular device.	`6`
`$wgLoginNotifyCacheLoginIPExpiry`	How long to cache IPs in memcache. Set to `false` to disable; set to `0` to cache forever.	`5184000` (60 days)

This extension is being used on one or more Wikimedia projects. This probably means that the extension is stable and works well enough to be used by such high-traffic websites. Look for this extension's name in Wikimedia's CommonSettings.php and InitialiseSettings.php configuration files to see where it's installed. A full list of the extensions installed on a particular wiki can be seen on the wiki's Special:Version page.

Category:Extensions used on Wikimedia#LoginNotify

This extension is included in the following wiki farms/hosts and/or packages:

This is not an authoritative list. Some wiki farms/hosts and/or packages may contain this extension even if they are not listed here. Always check with your wiki farms/hosts or bundle to confirm.

LoginNotify Release status: stableCategory:Stable extensions

Implementation	User activity Category:User activity extensions
Description	Notify users of suspicious logins
Author(s)	Brian Wolff (Bawolff^talk)
Latest version	0.1
MediaWiki	>= 1.44
Database changes	Yes
Tables	loginnotify_seen_net
License	MIT License
Download	Download extension Git ^[?]: Browse repository (GitHub) Gerrit code review Git commit log Download source tarball Category:Extensions in Wikimedia version control
Parameters $wgLoginNotifyExpiryKnownIP $wgLoginNotifyCacheLoginIPExpiry $wgLoginNotifyCookieDomain $wgLoginNotifyUseCheckUser $wgLoginNotifySeenExpiry $wgLoginNotifyAttemptsNewIP $wgLoginNotifyExpiryNewIP $wgLoginNotifyEnableOnSuccess $wgLoginNotifyAttemptsKnownIP $wgLoginNotifyCookieExpire $wgLoginNotifyDenyUnknownIPs $wgLoginNotifySeenBucketSize $wgLoginNotifyUseCentralId $wgLoginNotifyUseSeenTable $wgLoginNotifyMaxCookieRecords $wgLoginNotifyCheckKnownIPs $wgLoginNotifySecretKey
Hooks used AuthManagerLoginAuthenticateAudit Category:AuthManagerLoginAuthenticateAudit extensions BeforeCreateEchoEvent Category:BeforeCreateEchoEvent extensions EchoGetBundleRules Category:EchoGetBundleRules extensions LoadExtensionSchemaUpdates Category:LoadExtensionSchemaUpdates extensions LocalUserCreated Category:LocalUserCreated extensions RecentChange_save Category:RecentChange save extensions
Quarterly downloads	19 (Ranked 98^th)
Public wikis using	904 (Ranked 277^th)
Translate the LoginNotify extension if it is available at translatewiki.net
Issues	Open tasks · Report a bug

Wikimore

Extension:LoginNotify

Installation

Usage

Configuration