Background
See the parent task for what global autoblocks are and why we are implementing them: T368949: Implement global autoblocks from global user blocks
We want to ensure the best balance between preventing abuse (we don't want to under-block) and preventing good faith contributions as collateral damage (we don't want to over-block).
Open questions
- Should we only block account creation, so unblocked, logged-in temporary accounts can still edit?
- Should we allow global autoblocks for all global user block, or just temporary account blocks?
- Should the global autoblock be against the last IP used across all wikis, or the last IP from each wiki?
- Should we only lookup IP addresses that were used for edits, or for all actions?
- Should we implement global cookie blocks at the same time? (Note T345245: Mitigate phase-out of third-party cookies across MediaWiki in production)