Once you have been made aware of obvious harassment or threats, there are actions you may take immediately that don't require in-depth investigation. You might already be familiar with these actions, as they are fairly commonly used by by local administrators or functionaries.
Blocking users – the basics
If you are experienced with using the block tool, feel free to skip this section.
The block is one of the central tools available to administrators and those with advanced permissions. It prevents a registered user account from editing and an unregistered user from editing from a specific IP address. Blocking policies are project-specific. More information on performing blocks, and when they're appropriate, can be found on those projects.
Range blocks, where a group or "range" of IPs are blocked, can be a powerful weapon against IP-hopping users, but is also a solution with a lot of potential collateral damage. Consider consulting a colleague with experience or asking for help before applying a range block for the first time and make sure you are aware of and respect local policies about their use.
Revision deletion or suppression
Revision deletion (sometimes shortened to "revdel") is available to administrators. It acts in the same way as regular deletion, by hiding deleted content from those without sysop privileges. This is a reversible action and can be a good first response to obvious attacks, even if you feel the larger issue needs to be discussed more thoroughly. It can also be used when the harassment doesn't reach the criteria for suppression.
Suppression (also called oversight) is a tool that can be used to hide content even from administrators. Policies on suppression can vary a little by wiki. The usual criteria form a global policy that can be found on Meta-Wiki, which can also provide steward oversight actions for those communities that don't have local suppression functionaries. Of the criteria, those which most relate to harassment are:
- Removal of non-public personal information
- This includes information about users such as phone numbers, home addresses, and workplaces or identities of pseudonymous or anonymous individuals who have not made their identity public, or of public individuals who have not made that personal information public.
- Functionaries are encouraged to use common sense and intuition when making a call like this. Suppression can be reversed, so it is usually safest to remove when in doubt.
- Removal of potentially libelous information
- This is done either on the advice of Wikimedia Foundation counsel or when the case is clear and there is no editorial reason to keep the revision.
- Hiding of blatant attack names
- This action is applied to automated lists and logs, where such an action does not disrupt edit histories. A blatant attack is one obviously intended to denigrate, threaten, libel, insult, or harass someone.
- Note that usernames are created globally by default. You can "block-suppress" locally, but it's usually best to have a Steward "lock-suppress" the account globally. (Remember that, when it comes to registered user accounts, "blocks" are local actions, but "locks" are global.)
Cross-wiki blocking and tracking
In the event that an obvious harasser is abusing someone across multiple wikis, it may be necessary to take global action. It is possible to globally lock accounts, though only stewards have this ability. They can also globally block the underlying IP address to prevent the creation of sockpuppets or "sleeper" accounts.
Global sysops (or users with administrator rights on more than one wiki) can also help to keep cross-project abuse to a minimum (or help support projects without administrators or with very few), though the role of combatting global abuse is generally best left to the stewards.
The Small Wiki Monitoring Team can help to track and prevent obvious vandalism or harassment through their own methods. They might be worth contacting to help keep track of harassment on smaller wikis and may have background knowledge of problem users on those projects.