Wikipedia:Protection policy

In some circumstances, pages may need to be protected from modification by certain groups of editors. Pages are protected when there is disruption that cannot be prevented through other means such as blocks. Wikipedia is built on the principle that anyone can edit and therefore aims to have as many pages as possible open for public editing so that anyone can add material and correct errors. This policy states in detail the protection types and procedures for page protection and unprotection and when each protection should and should not be applied.

Protection is a technical restriction applied only by administrators, although any user may request protection. Protection can be indefinite or expire after a specified time. The various levels of protection are detailed below, and they can be applied to the page edit, page move, page create, and file upload actions. Even when a page is protected from editing, the source code (wikitext) of the page can still be viewed and copied by anyone.

A protected page is marked at its top right by a padlock icon, usually added by the template.

Preemptive protection
Applying page protection solely as a preemptive measure is contrary to the open nature of Wikipedia and is generally not allowed. Instead, protection is used when vandalism, disruption, or abuse by multiple users is occurring at a frequency that warrants protection. The duration of protection should be as short as possible and at the lowest protection level sufficient to stop the disruption, allowing edits from as many productive users as possible.

Exceptions include the Main Page, along with its templates and images, which are indefinitely fully protected. Additionally, Today's Featured Article is typically semi-protected from the day before its scheduled appearance on the Main Page until the day after it leaves.

Protection types
The following protection types are available to administrators for protecting different actions to pages:
 * Edit protection protects the page from being edited.
 * Move protection protects the page from being moved or renamed.
 * Creation protection prevents a page from being created (also known as "salting").
 * Upload protection prevents new versions of a file from being uploaded, but it does not prevent editing of the file's description page (unless edit protection is applied).

Protection levels
The following protection levels are available to administrators for adding protection to the different actions to pages:
 * Pending changes protection (only available for edit protection) requires any edits made to the page by unregistered users and accounts that are not confirmed to be approved by a pending changes reviewer or an administrator before the changes become visible to readers who are not logged in.
 * Semi-protection prevents the action by unregistered users and users with accounts that are not confirmed.
 * Extended confirmed protection, previously known as 30/500 protection, prevents the action if the user's account is not extended confirmed (at least 30 days old with more than 500 edits). In most cases, it should not be a protection level of first resort, and should be used where semi-protection has proven to be ineffective. Activation or application of this protection level is logged at the Administrators' noticeboard.
 * Template protection prevents the action by everyone except template editors and administrators (who have this right as part of their toolset).
 * Full protection prevents the action by everyone except administrators.

Submitting requests
Any of the above protections can be requested at Requests for page protection. Changes to a protected page should be proposed on the corresponding talk page, and then (if necessary) requested by adding an edit request. From there, if the requested changes are uncontroversial or if there is consensus for them, the changes can be carried out by a user who can edit the page.

Except in the case of office actions (see below), Arbitration Committee remedies, or pages in the MediaWiki namespace (see below), administrators may unprotect a page if the reason for its protection no longer applies, a reasonable period has elapsed, and there is no consensus that continued protection is necessary. Editors desiring the unprotection of a page should, in the first instance, ask the administrator who applied the protection unless the administrator is inactive or no longer an administrator; thereafter, requests can be made at Requests for unprotection. Note that such requests will normally be declined if the protecting administrator is active and was not consulted first. A log of protections and unprotections is available at Special:Log/protect.

Protection levels
Each of these levels is explained in the context of edit protection, but each can be applied to other types of protection except for pending changes.

Pending changes protection 


Pending changes protection allows unregistered and new users to edit pages, while keeping their edits hidden from most readers (specifically, unregistered editors – the vast majority of visitors to Wikipedia articles) until those changes are accepted by a pending changes reviewer or administrator. An alternative to semi-protection, it is used to suppress vandalism and certain other persistent problems while allowing all users to continue to submit edits. Pending changes is technically implemented as a separate option, with its own duration, and it yields to other edit protection levels in cases of overlap.

When a page under pending changes protection is edited by an unregistered (IP addresses) editor or a new user, the edit is not directly visible to the majority of Wikipedia readers, until it is reviewed and accepted by an editor with the pending changes reviewer right. When a page under pending changes protection is edited by an autoconfirmed user, the edit will be immediately visible to Wikipedia readers, unless there are pending edits waiting to be reviewed.

Pending changes are visible in the page history, where they are marked as pending review. Readers who are not logged in (the vast majority of readers) are shown the latest accepted version of the page; logged-in users see the latest version of the page, with all changes (reviewed or not) applied. When editors who are not reviewers make changes to an article with unreviewed pending changes, their edits are also marked as pending and are not visible to most readers.

A user who clicks "edit this page" is always, at that point, shown the latest version of the page for editing regardless of whether the user is logged in or not.
 * If the editor is not logged in, their changes join any other changes to the article awaiting review – for the present they remain hidden from not-logged-in users. (This means that when the editor looks at the article after saving, the editor won't see the change made.)
 * If the editor is logged in and a pending changes reviewer, and there are pending changes, the editor will be prompted to review the pending changes before editing – see Pending changes.
 * If the editor is logged in and not a pending changes reviewer:
 * If there are no unreviewed pending edits waiting, this editor's edits will be visible to everyone immediately; but
 * If there are unreviewed pending edits waiting, then this editor's edits will be visible only to other logged-in users (including themself) immediately, but not to readers not logged in.

Reviewing of pending changes should be resolved within reasonable time limits.

When to apply pending changes protection
Pending changes can be used to protect articles against:
 * Persistent vandalism
 * Violations of the biographies of living persons policy
 * Copyright violations

Pending changes protection should not be used as a preemptive measure against violations that have not yet occurred. Like semi-protection, PC protection should never be used in genuine content disputes, where there is a risk of placing a particular group of editors (unregistered users) at a disadvantage. Pending changes protection should not be used on articles with a very high edit rate, even if they meet the aforementioned criteria. Instead, semi-protection should be considered.

In addition, administrators may apply temporary pending changes protection on pages that are subject to significant but temporary vandalism or disruption (for example, due to media attention) when blocking individual users is not a feasible option. As with other forms of protection, the time frame of the protection should be proportional to the problem. Indefinite PC protection should be used only in cases of severe long-term disruption.

Removal of pending changes protection can be requested of any administrator, or at requests for unprotection.

The reviewing process is described in detail at Reviewing pending changes.

Semi-protection


Semi-protected pages like this page cannot be edited by unregistered users (IP addresses), as well as accounts that are not confirmed or autoconfirmed (accounts that are at least 4 days old with at least 10 edits on English Wikipedia). Semi-protection is useful when there is a significant amount of disruption or vandalism from new or unregistered users, or to prevent sockpuppets of blocked or banned users from editing, especially when it occurs on biographies of living persons who have had a recent high level of media interest. An alternative to semi-protection is pending changes, which is sometimes favored when an article is being vandalized regularly, but otherwise receives a low amount of editing.

Such users can request edits to a semi-protected page by proposing them on its talk page, using the Edit semi-protected template if necessary to gain attention. If the page in question and its talk page are both protected, the edit request should be made at Wikipedia:Requests for page protection instead. New users may also request the confirmed user right at Requests for permissions/Confirmed.

Guidance for administrators
Semi-protection should be used as a preemptive measure against vandalism that has not yet occurred or to privilege registered users over unregistered users in (valid) content disputes.

Administrators may apply semi-protection on pages that are:
 * Subject to significant but temporary vandalism or disruption (for example, due to media attention) if blocking individual users is not a feasible option.
 * Subject to edit warring if parties involved are unregistered or new editors. This does  apply when autoconfirmed users are involved.
 * Subject to vandalism or edit warring where unregistered editors are engaging in IP hopping by using different computers, obtaining new addresses by using dynamic IP allocation, or other address-changing schemes.
 * Article discussion pages, if they have been subject to persistent disruption. Such protection should be used sparingly because it prevents unregistered and newly registered users from participating in discussions.
 * Protection should be used sparingly on the talk pages of blocked users, including IP addresses. Instead the user should be re-blocked with talk page editing disallowed. When required, or when re-blocking without talk page editing allowed is unsuccessful, protection should be implemented for only a brief period not exceeding the duration of the block.

In addition, administrators may apply semi-protection to pages that are subject to heavy and persistent vandalism or violations of content policy (such as biographies of living persons, neutral point of view).

A page and its talk page should not normally be protected at the same time. In exceptional cases, if a page and its talk page are both protected, the talk page should direct affected editors to Wikipedia:Request for edit through the use of a non-iconified page protection template, to ensure that no editor is entirely prevented from contributing.

Today's featured article is, since 2023, always semi-protected. This was historically not the case, however.

Extended confirmed protection 


Extended confirmed protection, previously known as 30/500 protection, allows edits only by editors with the extended confirmed user access level, administrators, and bots. Extended confirmed is automatically granted to users on the edit following the account meeting the criteria of being at least 30 days old and having 500 edits.

As escalation from semi-protection
Where semi-protection has proven to be ineffective, administrators may use extended confirmed protection to combat disruption (such as vandalism, abusive sockpuppetry, edit wars, etc.) on any topic. Extended confirmed protection should not be used as a preemptive measure against disruption that has not yet occurred, nor should it be used to privilege extended confirmed users over unregistered/new users in valid content disputes (except as general sanction enforcement; see below).

Contentious topics
When necessary to prevent disruption in designated contentious topic areas, administrators are authorized to make protections at any level. (This is distinct from the extended confirmed restriction below.) Some community-authorized discretionary sanctions grant similar authorizations.

Extended confirmed restriction
Some topic areas are under Arbitration Committee extended confirmed restriction as a general sanction. When such a restriction is in effect in a topic area, only extended-confirmed users may make edits related to the topic area. Enforcement of the restriction on articles primarily in the topic area is preferably done with extended confirmed protection, but it's not required (other enforcement methods are outlined in the policy). As always, review the policy before enforcing it.

Community general sanctions, applying a similar extended confirmed restriction, have also been authorized by the community.

General sanctions has a list of the active general sanctions that incorporate the extended confirmed restriction.

Other cases
High-risk templates can be extended-confirmed protected at administrator discretion when template protection would be too restrictive and semi-protection would be ineffective to stop widespread disruption.

Extended confirmed protection can be applied at the discretion of an administrator when creation-protecting a page.

Logging and edit requests
As of September 23, 2016, a bot posts a notification in a subsection of AN when this protection level is used. Any protection made as arbitration enforcement must be logged at Arbitration enforcement log. Community-authorized discretionary sanctions must be logged on a page specific to the topic area. A full list of the pages under extended confirmed protection can be found [ here].

Users can request edits to an extended confirmed-protected page by proposing them on its talk page, using the template if necessary to gain attention.

Full protection


A fully protected page cannot be edited or moved by anyone except administrators.

Modifications to a fully protected page can be proposed on its talk page (or at another appropriate forum) for discussion. Administrators can make changes to the protected article reflecting consensus. Placing the template on the talk page will draw the attention of administrators for implementing uncontroversial changes.

Content disputes
While content disputes and edit warring can be addressed with user blocks issued by uninvolved administrators, allowing normal page editing by other editors at the same time, the protection policy provides an alternative approach as administrators have the discretion to temporarily fully protect an article to end an ongoing edit war. This approach may better suit multi-party disputes and contentious content, as it makes talk page consensus a requirement for implementation of requested edits.

When protecting a page because of a content dispute, administrators have a duty to avoid protecting a version that contains policy-violating content, such as vandalism, copyright violations, defamation, or poor-quality coverage of living people. Administrators are deemed to remain uninvolved when exercising discretion on whether to apply protection to the current version of an article, or to an older, stable, or pre-edit-war version.

Fully protected pages may not be edited except to make changes that are uncontroversial or for which there is clear consensus. Editors convinced that the protected version of an article contains policy-violating content, or that protection has rewarded edit warring or disruption by establishing a contentious revision, may identify a stable version prior to the edit war and request reversion to that version. Before making such a request, editors should consider how independent editors might view the suggestion and recognize that continuing an edit war is grounds for being blocked.

Administrators who have made substantive content changes to an article are considered involved and must not use their advanced permissions to further their own positions. When involved in a dispute, it is almost always wisest to respect the editing policies that bind all editors and call for input from an uninvolved administrator, rather than to invite controversy by acting unilaterally.

"History only" review
If a deleted page is going through deletion review, only administrators are normally capable of viewing the former content of the page. If they feel it would benefit the discussion to allow other users to view the page content, administrators may restore the page, blank it or replace the contents with template or a similar notice, and fully protect the page to prevent further editing. The previous contents of the page are then accessible to everyone via the page history.

Protected generic file names
Generic file names such as File:Photo.jpg, File:Example.jpg, File:Map.jpg, and File:Sound.wav are fully protected to prevent new versions from being uploaded. Furthermore, File:Map.jpg and File:Sound.wav are salted.

Template protection


A template-protected page can be edited only by administrators or users in the group. This protection level should be used almost exclusively on high-risk templates and modules. In cases where pages in other namespaces become transcluded to a very high degree, this protection level is also valid.

This is a protection level that replaces full protection on pages that are merely protected due to high transclusion rates, rather than content disputes. It should be used on templates whose risk factor would have otherwise warranted full protection. It should not be used on less risky templates on the grounds that the template editor user right exists—the existence of the right should not result in more templates becoming uneditable for the general editing community. In borderline cases, extended confirmed protection or lower can be applied to high risk templates that the general editing community still needs to edit regularly. A full list of the pages under template protection can be found [ here].

Editors may request edits to a template-protected page by proposing them on its talk page, using the template if necessary to gain attention.

Edit protection
Edit protection restricts editing of a page, often due to vandalism or disputes, ensuring only experienced users can make changes (see above for more information).

Creation protection (salting)


Administrators can prevent the creation of pages. This type of protection is useful for pages that have been deleted but repeatedly recreated. Such protection is case-sensitive. There are several levels of creation protection that can be applied to pages, identical to the levels for edit protection. A list of protected titles can be found at Special:ProtectedTitles (see also historical lists).

Preemptive restrictions on new article titles are instituted through the title blacklist system, which allows for more flexible protection with support for substrings and regular expressions.

Pages that have been creation-protected are sometimes referred to as "salted". Editors wishing to re-create a salted title with appropriate content should either contact an administrator (preferably the protecting administrator), file a request at, or use the deletion review process. To make a convincing case for re-creation, it is helpful to show a draft version of the intended article when filing a request.

Create protection of any duration may be applied to pages being repeatedly recreated in violation of policy using the lowest protection level sufficient to stop the disruption (autoconfirmed, extended-confirmed, or full). Due to the implementation of ACPERM, non-confirmed editors cannot create pages in mainspace; thus, semi-creation protection should be used only for protection of pages outside of mainspace.

While creation-protection is usually permanent, temporary creation protection can be applied if a page is repeatedly recreated by a single user (or sockpuppets of that user, if applicable).

Move protection


Move-protected pages, or more technically, fully move-protected pages, cannot be moved to a new title except by an administrator. Move protection is commonly applied to:


 * Pages subject to persistent page-move vandalism.
 * Pages subject to a page-name dispute.
 * Highly visible pages that have no reason to be moved, such as the administrators' noticeboard and articles selected as "Today's featured article" on the main page.

Move protection of any duration may be applied to pages being repeatedly moved in violation of policy using the lowest protection level sufficient to stop the disruption (extended-confirmed or full). Due to the implementation of ACPERM, non-confirmed editors cannot move pages so semi-move protection has no effect.

Fully edit-protected pages are also implicitly move-protected.

As with full edit protection, protection because of edit warring should not be considered an endorsement of the current name. When move protection is applied during a requested move discussion, the page should be protected at the location it was at when the move request was started.

All files and categories are implicitly move-protected, requiring file movers or administrators to rename files, and page movers or administrators to rename categories.

Upload protection


Upload-protected files, or more technically, fully upload-protected files, cannot be replaced with new versions except by an administrator. Upload protection does not protect file pages from editing. It can be applied by an administrator to:
 * Files subject to persistent upload vandalism.
 * Files subject to a dispute between editors.
 * Files that should not be replaced, such as images used in the interface or transcluded to the main page.
 * Files with common or generic names. (e.g., [[File:map.png]])

As with full edit protection, administrators should avoid favoring one version over another, and protection should not be considered an endorsement of the current version. An exception to this rule is when they are protected due to upload vandalism.

Cascading protection


Cascading protection fully protects a page, and extends that full protection automatically to any page that is transcluded onto the protected page, whether directly or indirectly. This includes templates, images and other media that are hosted on the English Wikipedia. Files stored on Commons are not protected by any other wiki's cascading protection and, if they are to be protected, must be either temporarily uploaded to the English Wikipedia or explicitly protected at Commons (whether manually or through cascading protection there). When operational, KrinkleBot cascade-protects Commons files transcluded at Main Page/Tomorrow, Main Page/Commons media protection and Main Page. As the bot's response time varies, media should not be transcluded on the main page (or its constituent templates) until after it has been protected. (This is particularly relevant to Template:In the news, for which upcoming images are not queued at Main Page/Tomorrow.) Cascading protection:
 * Should be used only to prevent vandalism when placed on particularly visible pages, such as the main page.
 * Is available only for fully protected pages; it is disabled for lower levels of protection as it represents a workflow flaw. See below as well as this bug ticket for more information.
 * Is not instantaneous; it can be several hours before it takes effect. See T20483 for more information.
 * Should generally not be applied directly to templates or modules, as it will not protect transclusions inside tags or transclusions that depend on template parameters, but will protect the documentation subpage., for alternatives.

The list of cascading-protected pages can be found at Cascade-protected items. Requests to add or remove cascading protection on a page should be made at Wikipedia talk:Cascade-protected items as an edit request.

Permanent protection


Administrators cannot change or remove the protection for some areas on Wikipedia, which are permanently protected by the MediaWiki software:
 * Edits to the MediaWiki namespace, which defines parts of the site interface, are restricted to administrators and interface administrators.
 * Edits to system-wide CSS and JavaScript pages such as MediaWiki:common.js are further restricted to interface administrators.
 * Edits to personal CSS and JavaScript pages such as User:Example/monobook.css and User:Example/vector-2022.js are restricted to the associated user and interface administrators. Interface administrators may edit these pages, for example, to remove a user script that has been used inappropriately. Administrators may delete (but not edit or restore) these pages.
 * Edits to personal JSON pages such as User:Example/data.json are restricted to the associated user and administrators.

Such protection is called permanent or indefinite protection, and interface protection in the case of CSS and JavaScript pages.

In addition to hard-coded protection, the following are usually fully protected for an indefinite period of time (though not necessarily with interface protection):


 * Very visible pages, such as the Main Page.
 * Pages that should not be modified for legal reasons, such as the general disclaimer or the local copy of the site copyright license.
 * Pages that are very frequently transcluded, such as or, to prevent vandalism or denial of service attacks. This includes images or templates used in other highly visible or frequently transcluded pages. See High-risk templates for more information.

Office actions


As outlined in, pages can be protected by Wikimedia Foundation staff in response to issues such as copyright infringement or libel. Such actions override community consensus. Administrators should not edit or unprotect such pages without permission from Wikimedia Foundation staff.

Superprotect
Superprotect was a level of protection, allowing editing only by [ Wikimedia Foundation employees who were in the Staff global group]. It was implemented on August 10, 2014 and removed on November 5, 2015. It was never used on the English Wikipedia.

For several years, the Gadget namespace (which no longer exists) could only be edited by WMF staff, which has sometimes been referred to as superprotection even though it is unrelated to the above use.

Cascading semi-protection
Cascading semi-protection was formerly possible, but it was disabled in 2007 after users noticed that non-administrators could fully protect any page by transcluding it onto the page to which cascading semi-protection had been applied by an administrator.

Pending changes protection level 2
Originally, two levels of pending changes protection existed, where level2 required edits by all users who are not pending changes reviewers to be reviewed. Following a community discussion, level2 was retired from the English Wikipedia in January 2017. It was suggested then that "Pending changes level1" be referred to in the future as simply "Pending changes".

Article talk pages
Modifications to a protected page can be proposed on its talk page (or at another appropriate forum) for discussion. Administrators can make changes to the protected article reflecting consensus. Placing the template on the talk page will draw the attention of administrators for implementing uncontroversial changes.

Talk pages are not usually protected, and are semi-protected only for a limited duration in the most severe cases of disruption.

User talk pages
User talk pages are rarely protected. However, protection can be applied if there is severe vandalism or abuse. Users whose talk pages are protected may wish to have an unprotected user talk subpage linked conspicuously from their main talk page to allow good-faith comments from users that the protection restricts editing from.

A user's request to have their own talk page protected is not a sufficient rationale by itself to protect the page, although requests can be considered if a reason is provided.

Blocked users
Blocked users' user talk pages should not ordinarily be protected, as this interferes with the user's ability to contest their block through the normal process. It also prevents others from being able to use the talk page to communicate with the blocked editor.

In extreme cases of abuse by the blocked user, such as abuse of the unblock template, re-blocking the user with talk page access removed should be preferred over applying protection to the page. If the user has been blocked and with the ability to edit their user talk page disabled, they should be informed of this in a block notice, subsequent notice, or message, and it should include information and instructions for appealing their block off-wiki, such as through the UTRS tool interface or, as a last recourse, the Arbitration Committee.

When required, protection should be implemented for only a brief period, not exceeding the duration of the block.

Confirmed socks of registered users should be dealt with in accordance with Sockpuppetry; their pages are not normally protected.

User pages
Base user pages (for example, the page User:Example, and not User:Example/subpage or User talk:Example) are automatically protected from creation or editing by unconfirmed accounts and anonymous IP users. An exception to this includes an unconfirmed registered account attempting to create or edit their own user page. IP editors and unconfirmed accounts are also unable to create or edit user pages that do not belong to a currently registered account. This protection is enforced by an edit filter. Users may opt-out of this protection by placing anywhere on their own user page.

User pages and subpages within their own user space can be protected upon a request from the user, as long as a need exists. Pages within the user space should not be automatically or preemptively protected without good reason or cause. Requests for protection specifically at uncommon levels (such as template protection) can be granted if the user has expressed a genuine and realistic need.

When a filter is insufficient to stop user page vandalism, a user may choose to create a ".css" subpage (ex. User:Example/Userpage.css), copy all the contents of their user page onto the subpage, transclude the subpage by putting on their user page, and then ask an administrator to fully protect their user page. Because user space pages that end in ".css" and ".js" are editable only by the user to which that user space belongs (and interface administrators), this will protect one's user page from further vandalism.

Deceased users
In the event of the confirmed death of a user, the user's user page (but not the user talk page) should be fully protected.

Protection of templates
Highly visible templates – those used on a large number of pages or frequently substituted – are often edit protected based on the degree of visibility, type of use, content, and other considerations.

Protected templates should normally have the documentation template. It loads the unprotected  page, so that non-admins and IP-users can edit the documentation, categories and interwiki links. It also automatically adds pp-template to protected templates, which displays a small padlock in the top right corner and categorizes the template as protected. Only manually add to protected templates that don't use  (mostly the flag templates).

Cascading protection should generally not be applied directly to templates, as it will not protect transclusions inside tags or transclusions that depend on template parameters, but will protect the template's documentation subpage. Instead, consider any of the following:
 * If the set of subtemplates is static (even if large), protect them using normal protection mechanisms.
 * If the set of subtemplates is unbounded, use MediaWiki:Titleblacklist to protect all subtemplates using a particular naming format (as is done for editnotice templates and subtemplates of Template:TFA title).

Note: All editnotice templates (except those in userspace) are already protected via MediaWiki:Titleblacklist. They can be edited by admins, template editors and page movers only.

Sandboxes
Sandboxes should not ordinarily be protected since their purpose is to let new users test and experiment with wiki syntax. Most sandboxes are automatically cleaned every 12 hours, although they are frequently overwritten by other testing users. The Sandbox is cleaned every hour. Those who use sandboxes for malicious purposes, or to violate policies such as no personal attacks, civility, or copyrights, should instead be warned and/or blocked.

Available templates
The following templates can be added at the very top of a page to indicate that it is protected:

On redirect pages, use the Redirect category shell template, which automatically categorizes by protection level, below the redirect line. A protection template may also be added below the redirect line, but it will serve only to categorize the page, as it will not be visible on the page, and it will have to be manually removed when protection is removed.