The following technical options are available to administrators for protecting different actions to pages:
- Edit protection protects the page from being edited.
- Move protection protects the page from being moved or renamed.
- Creation protection prevents a page (normally a previously deleted one) from being created (also known as "salting").
- Upload protection prevents new versions of a file from being uploaded, but it does not prevent editing to the file's description page (unless edit protection is applied).
The following technical options are available to administrators for adding protection levels to the different actions to pages:
- Pending changes protection (only available for edit protection) means edits by unregistered and new contributors are not visible to readers who are not logged-in until the edits are approved by a reviewer or an administrator.
- Semi-protection prevents the action by unregistered contributors and contributors with accounts that are not confirmed.
- Extended confirmed protection, also known as 30/500 protection, prevents the action by users without 30 days' tenure and 500 edits on the English Wikipedia. It is applied to combat any form of disruption where semi-protection has proven to be ineffective. It should not be applied as a protection level of first resort. Its use is logged at the Administrators' noticeboard.
- Template protection prevents the action by everyone except template editors and administrators (who have this right as part of their toolset).
- Full protection prevents the action by everyone except administrators.
Except in the case of office actions
), Arbitration Committee
remedies, or pages in the MediaWiki namespace (see below), administrators may unprotect a page if the reason for its protection no longer applies, a reasonable period has elapsed, and there is no consensus that continued protection is necessary. Editors desiring the unprotection of a page should, in the first instance, ask the administrator who applied the protection unless the administrator is inactive or no longer an administrator; thereafter, requests may be made at Requests for unprotection
. Note that such requests will normally be declined if the protecting administrator is active and was not consulted first. A log of protections and unprotections is available at Special:Log/protect
Interaction of Wikipedia user groups and page protection levels
A fully protected page cannot be edited or moved by anyone except administrators
. The protection may be for a specified time or may be indefinite.
Modifications to a fully protected page can be proposed on its talk page
(or at another appropriate forum) for discussion. Administrators can make changes to the protected article reflecting consensus
. Placing the
template on the talk page will draw the attention of administrators for implementing uncontroversial changes.
"WP:PREFER" redirects here. For what title name should be preferred, see WP:PRIMARYTOPIC
While content disputes and edit warring
may be addressed with user blocks
issued by uninvolved
administrators, allowing normal page editing by other editors at the same time, the protection policy provides an alternative approach as administrators have the discretion to temporarily fully protect an article to end an ongoing edit war. This approach may better suit multi-party disputes and contentious content, as it makes talk page consensus
a requirement for implementation of requested edits
When protecting a page because of a content dispute, administrators have a duty to avoid protecting a version that contains policy-violating content, such as vandalism
, copyright violations
, or poor-quality coverage of living people
. Administrators are deemed to remain uninvolved when exercising discretion on whether to apply protection to the current version of an article, or to an older, stable
, or pre-edit-war version.
Protected pages may not be edited except to make changes that are uncontroversial or for which there is clear consensus. Editors convinced that the protected version of an article contains policy-violating content, or that protection has rewarded edit warring or disruption by establishing a contentious revision, may identify a stable version prior to
the edit war and request
reversion to that version. Before making such a request, editors should consider how independent editors might view the suggestion and recognize that continuing an edit war is grounds for being blocked.
Administrators who have made substantive content changes to an article are considered involved
and must not use their advanced permissions to further their own positions. When involved in a dispute, it is almost always wisest to respect the editing policies that bind all editors and call for input from an uninvolved administrator, rather than to invite controversy by acting unilaterally.
Applying page protection as a preemptive measure is contrary to the open nature of Wikipedia and is generally not allowed if applied for these reasons. However, brief periods of an appropriate and reasonable protection level are allowed in situations where blatant vandalism or disruption is occurring by multiple users and at a level of frequency that requires its use in order to stop it. The duration of the protection should be set as short as possible, and the protection level should be set to the lowest restriction needed in order to stop the disruption while still allowing productive editors to make changes.
If a deleted page is going through deletion review
, only administrators are normally capable of viewing the former content of the page. If they feel it would benefit the discussion to allow other users to view the page content, administrators may restore
the page, blank it or replace the contents with
or a similar notice, and fully protect the page to prevent further editing. The previous contents of the page are then accessible to everyone via the page history
Protected generic file names
Administrators cannot change or remove the protection for some areas on Wikipedia, which are permanently protected by the MediaWiki
- Edits to the MediaWiki namespace, which defines parts of the site interface, are restricted to administrators.
- Edits to personal JSON pages such as User:Example/data.json are restricted to the associated user and administrators.
In addition to hard-coded protection, the following are usually fully protected for an indefinite period of time:
A template-protected page can be edited only by administrators or users in the Template editors group. This protection level should be used almost exclusively on high-risk templates
. In cases where pages in other namespaces become transcluded to a very high degree, this protection level is also valid.
This is a protection level
that replaces full protection
on pages that are merely protected due to high transclusion rates, rather than content disputes. It should be used on templates whose risk factor would have otherwise warranted full protection. It should not be used on less risky templates on the grounds that the template editor
user right exists—the existence of the right should not result in more templates becoming uneditable for the general editing community.
Editors may request edits to a template-protected page by proposing them on its talk page, using the
template if necessary to gain attention.
Semi-protected pages cannot be edited by unregistered users
), as well as accounts that are not autoconfirmed
(accounts that are at least four days old and have made at least ten edits to Wikipedia) or confirmed
. Semi-protection is useful when there is a significant amount of disruption or vandalism
from new or unregistered users, or to prevent sockpuppets
of blocked or banned users from editing, especially when it occurs on biographies of living persons
who have had a recent high level of media interest. An alternative to semi-protection is pending changes
, which is sometimes favored when an article is being vandalized regularly, but otherwise receives a low amount of editing.
Guidance for administrators
Administrators may apply indefinite
semi-protection to pages that are subject to heavy and persistent vandalism
or violations of content policy
(such as biographies of living persons
, neutral point of view
). Semi-protection should not
be used as a preemptive measure against vandalism that has not yet occurred or to privilege registered users over unregistered users in (valid) content disputes.
In addition, administrators may apply temporary semi-protection on pages that are:
- Subject to significant but temporary vandalism or disruption (for example, due to media attention) if blocking individual users is not a feasible option.
- Subject to edit warring if all parties involved are unregistered or new editors (i.e. in cases in which full protection would otherwise be applied). This does not apply when autoconfirmed users are involved.
- Subject to vandalism or edit warring where unregistered editors are engaging in IP hopping by using different computers, obtaining new addresses by using dynamic IP allocation, or other address-changing schemes.
- Article discussion pages, if they have been subject to persistent disruption. Such protection should be used sparingly because it prevents unregistered and newly registered users from participating in discussions. A page and its talk page should not normally be protected at the same time. If a page and its talk page are both protected, the talk page should direct affected editors to Wikipedia:Request for edit to ensure that no editor is entirely prevented from contributing.
- Protection should be used sparingly on the talk pages of blocked users, including IP addresses. Instead the user should be re-blocked with talk page editing disallowed. When required, or when re-blocking without talk page editing allowed is unsuccessful, protection should be implemented for only a brief period not exceeding the duration of the block.
Creation protection (salting)
Administrators can prevent the creation of pages. This level of protection is useful for bad pages that have been deleted
but repeatedly recreated. Such protection is case-sensitive. There are several levels of creation protection that can be applied to pages, identical to the levels for edit protection. A list of protected titles may be found at Special:ProtectedTitles
(see also historical lists
Administrators should choose the appropriate level of create protection—autoconfirmed, extended-confirmed,
or full. Due to the implementation of ACPERM
, non-confirmed editors cannot create pages in mainspace; thus, semi-creation protection should be rare, used only for protection of pages outside of mainspace.
While creation-protection is usually permanent, temporary creation protection may be applied if a page is repeatedly recreated by a single user (or sockpuppets
of that user, if applicable).
Move protected pages, or more technically, fully move-protected pages, cannot be moved to a new title except by an administrator. Move protection is commonly applied to:
Fully edit-protected pages are also implicitly move-protected.
are implicitly move-protected; only file movers
and administrators can rename files.
Upload protected files, or more technically, fully upload-protected files, cannot be replaced with new versions except by an administrator. Upload protection does not protect file pages from editing. Upload protection may be applied by an administrator to:
- Files subject to persistent upload vandalism.
- Files subject to a dispute between editors.
- Files that should not be replaced, such as images used in the interface or transcluded to the main page.
- Files with common or generic names. (eg. File:Map.png)
As with full edit protection, administrators should avoid favoring one file version over another, and protection should not be considered an endorsement of the current file version. An exception to this rule is when files are protected due to upload vandalism.
Pending changes protection
Pending changes protection is a tool used to suppress vandalism
and certain other persistent problems while allowing all users to continue to submit edits. Pending changes protection can be used as an alternative to semi-protection to allow unregistered and new users to edit pages, while keeping the edits hidden from the view of most readers until those changes are accepted by a pending changes reviewer
When a page under pending changes protection is edited by an unregistered
(IP addresses) editor or a new user
, the edit is not directly visible to the majority of Wikipedia readers, until it is reviewed and accepted by an editor with the pending changes reviewer right
. When a page under pending changes protection is edited by an autoconfirmed user
, the edit will be immediately visible to Wikipedia readers, unless there are pending edits waiting to be reviewed.
Pending changes are visible in the page history, where they are marked as pending review. Readers that are not logged in (the vast majority of readers) are shown the latest accepted version of the page; logged-in users see the latest version of the page, with all changes (reviewed or not) applied. When editors who are not reviewers make changes to an article with unreviewed pending changes, their edits are also marked as pending and are not visible to most readers.
A user who clicks "edit this page" is always, at that point, shown the latest version of the page for editing regardless of whether the user is logged in or not.
- If the editor is not logged in, their changes join any other changes to the article awaiting review – for the present they remain hidden from not-logged-in users. (This means that when the editor looks at the article after saving, the editor won't see the change made.)
- If the editor is logged in and a pending changes reviewer, and there are pending changes, the editor will be prompted to review the pending changes before editing – see Wikipedia:Pending changes.
- If the editor is logged in and not a pending changes reviewer, then ...
- If there are no unreviewed pending edits waiting, this editor's edits will be visible to everyone immediately; but
- If there are unreviewed pending edits waiting, then this editor's edits will be visible only to other logged-in users (including themself) immediately, but not to readers not logged in.
Reviewing of pending changes should be resolved within reasonable time limits.
When to apply pending changes protection
Pending changes may be used to protect articles against:
Pending changes protection should not be used as a preemptive measure against violations that have not yet occurred. Like semi-protection, PC protection should never be used in genuine content disputes, where there is a risk of placing a particular group of editors (unregistered users) at a disadvantage. Pending changes protection should not be used on articles with a very high edit rate, even if they meet the aforementioned criteria. Instead semi-protection should be considered.
In addition, administrators may apply temporary pending changes protection on pages that are subject to significant but temporary vandalism or disruption (for example, due to media attention) when blocking individual users is not a feasible option. As with other forms of protection, the time frame of the protection should be proportional to the problem. Indefinite PC protection should be used only in cases of severe long-term disruption.
Extended confirmed protection
Extended confirmed protection, also known as 30/500 protection, only allows edits by editors with the extended confirmed
user access level, granted automatically to registered users with at least 30 days' tenure and 500 edits.
Where semi-protection has proven to be ineffective, administrators may use extended confirmed protection to combat disruption (such as vandalism
, abusive sockpuppetry
, edit wars
, etc.) on any topic. Extended confirmed protection should not be used as a preemptive measure against disruption that has not yet occurred, nor should it be used to privilege extended confirmed users over unregistered/new users in valid content disputes on articles not covered by Arbitration Committee 30/500 rulings. Extended confirmed protection may be applied by an administrator at their discretion when creation-protecting a page.
Until August 12, 2016,
30/500 protection applied only in topic areas determined by the Arbitration Committee
, which authorized its use on articles reasonably construed as belonging to the Arab–Israeli conflict
as an arbitration enforcement tool by motion or remedy;
or as a result of community consensus.
In February 2019, the community authorized uninvolved administrators to place pages reasonably construed as belonging to the India–Pakistan conflict
under extended confirmed protection as part of a general sanctions regime.
In May 2020 the Arbitration Committee authorized extended confirmed protection to pages related to the history of Jews and antisemitism in Poland
during World War II (1933–45).
As of September 23, 2016, a bot posts a notification in a subsection of AN
when this protection level is used.
A full list of the 2685 pages under 30/500 protection can be found here
Users can request edits to an extended confirmed-protected page by proposing them on its talk page, using the
template if necessary to gain attention.
Cascading protection fully protects a page, and extends that full protection automatically
to any page that is transcluded
onto the protected page, whether directly or indirectly. This includes templates, images and other media that are hosted on the English Wikipedia. Files stored on Commons are not
protected by any other wiki's cascading protection and, if they are to be protected, must be either temporarily uploaded to the English Wikipedia or explicitly protected at Commons (whether manually or through cascading protection there). When operational, KrinkleBot
cascade-protects Commons files transcluded at Wikipedia:Main Page/Tomorrow
, Wikipedia:Main Page/Commons media protection
and Main Page
. As the bot's response time varies, media should not
be transcluded on the main page (or its constituent templates) until after it has been protected. (This is particularly relevant to Template:In the news
, for which upcoming images are not queued at Wikipedia:Main Page/Tomorrow
.) Cascading protection:
- Should be used only to prevent vandalism when placed on particularly visible pages, such as the main page.
- Is available only for fully protected pages; it is disabled for lower levels of protection as it represents a security flaw. See Phabricator:T10796 for more information.
- Is not instantaneous; it may be several hours before it takes effect. See Phabricator:T20483 for more information.
- Should generally not be applied directly to templates or modules, as it will not protect transclusions inside <includeonly> tags or transclusions that depend on template parameters, but will protect the documentation subpage. See the "Protection of templates" section below for alternatives.