Restrict account creation
Keywords: login, logins
Contact Doug White to create an account, we have had to block a spammer who creates endless new accounts and spamming pages
Prevent new user registrations except by sysops
- $wgGroupPermissions['*']['createaccount'] = false;
note You can use the ConfirmAccount extension if you want to set up an account confirmation queue. (If not you may still proceed as follows.)
note New users will still be able to be created by sysops, in the following manner:
- Go to [[Special:Userlogin]], when logged in as a sysop.
- Click on "Create an account" link to get to the account creation form.
- Enter a username and an email address, and click the "by email" button. Note you need $wgEnableEmail=true or else the sysop must pick a password and send it to the user.
- The account will be created with a random password which is then emailed to the given address (as with the "forgot password" feature). The user will be requested to change password at first login; when he does this, his e-mail address will also be marked as confirmed.
- When you click the "create account" button instead, you have to manually send the user his password. If you've set $wgMinimalPasswordLength=0 (default configuration up to version 1.15) and you've left the password field blank, the user will be emailed an e-mail address confirmation request but will be unable to access Special:Confirmemail to perform the confirmation. Instead, he'll get an error (unless you've added it to $wgWhitelistRead); he'll be able to login with a blank password and then confirm email, but his password will not have been reset (he'll have to reset it manually).