[jira] [Commented] (JSPWIKI-804) SpamFilter should support X-Forwarded-For header in the banlist
[ https://issues.apache.org/jira/browse/JSPWIKI-804?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanelfocusedCommentId=13835063#comment-13835063 ] Juan Pablo Santos Rodríguez commented on JSPWIKI-804: - ugh! Harry I've just seen you asigned this to yourself, didn't noticed before :-/ apologies for stepping in without asking SpamFilter should support X-Forwarded-For header in the banlist --- Key: JSPWIKI-804 URL: https://issues.apache.org/jira/browse/JSPWIKI-804 Project: JSPWiki Issue Type: Improvement Components: Filters Affects Versions: 2.10 Environment: NA Reporter: Harry Metske Assignee: Harry Metske Fix For: 2.10 Currently the SpamFilter only supports banning based on IP address of the client (as gotten from the HttpRequest.getRemoteAddr() ). If you are behind a proxy or loadbalancer, chances are that you get the address of the proxy or lb instead of the real client IP address. Therefore the X-Forwarded-For request header could be used. See http://en.wikipedia.org/wiki/X-Forwarded-For -- This message was sent by Atlassian JIRA (v6.1#6144)
Re: current situtation JSPWiki VM
Hi, I've just noticed a couple of strange things: - preferences aren't saved if you're an anonymous user, not sure if related to ProxyPassReverseCookiePath parameter being (not?) set on apache cfg? apache isn't changing the app path, so it shouldn't be necessary. - non-ascii letters are shown as ?, i.e. I get Buenas, (an?nimo) instead of Buenas, (anónimo) not sure if uriencoding is set on tomcats' server.xml, or if it's an apache issue both issues also happen when going directly through jspwiki-vm.a.o/wiki thoughts? br, juan pablo On Wed, Nov 27, 2013 at 11:14 PM, Glen Mazza glen.ma...@gmail.com wrote: Could it be that they didn't give us jspwiki.apache.org/wiki directly because jspwiki.apache.org refers to a different machine (IP address)? But at least j.a.o/wiki redirects to the wiki. Glen On 11/27/2013 03:19 PM, Harry Metske wrote: Juan, X-Forwarded-For header is an excellent idea. I should have thought of that myself :-). I just check on the vm, we get that header passed from the proxy. I will create a JIRA issue for JSPWiki SpamFilter for that. I'll also ask INFRA if it possible to have the URL changed. tx, Harry On 27 November 2013 18:59, Juan Pablo Santos Rodríguez juanpablo.san...@gmail.com wrote: Hi Harry, thanks a lot for pursuing this!! as you say, https://jspwiki-wiki.apache.org/wiki seems a little weird, ideally, jspwiki.a.o/wiki should serve the wiki (same for doc wiki). As for the real ip, could we use x-ip-forwarded-for header? (don't know about fail2ban, but most probably SpamFilter isn't looking in for that header, we should add it) br, juan pablo On Wed, Nov 27, 2013 at 9:40 AM, Harry Metske harry.met...@gmail.com wrote: Folks, Our wiki is now available at : https://jspwiki-wiki.apache.org/wiki See the last comment for the status : https://issues.apache.org/jira/browse/INFRA-5588? focusedCommentId=13833580page=com.atlassian.jira. plugin.system.issuetabpanels:comment-tabpanel#comment-13833580 Does anyone of you have anything to add here ? * I like to see client IP address, so we can use the SpamFilter and fail2ban. * the URL has a double reference to wiki, both in the hostname and the resource after the / (and also for doc), but is not a showstopper to me. kind regards, Harry
Re: current situtation JSPWiki VM
strange indeed. also logged in users cannot save their preferences. for the encoding thing, I addedd URIEncoding=UTF-8 to the AJP connector (though that shouldn't be necessary) , but that did not help. Looking with vi at the file on the filesystem shows correct encoding. I have to dig a bit more (tomorrow I think). regards, Harry On 29 November 2013 00:00, Juan Pablo Santos Rodríguez juanpablo.san...@gmail.com wrote: Hi, I've just noticed a couple of strange things: - preferences aren't saved if you're an anonymous user, not sure if related to ProxyPassReverseCookiePath parameter being (not?) set on apache cfg? apache isn't changing the app path, so it shouldn't be necessary. - non-ascii letters are shown as ?, i.e. I get Buenas, (an?nimo) instead of Buenas, (anónimo) not sure if uriencoding is set on tomcats' server.xml, or if it's an apache issue both issues also happen when going directly through jspwiki-vm.a.o/wiki thoughts? br, juan pablo On Wed, Nov 27, 2013 at 11:14 PM, Glen Mazza glen.ma...@gmail.com wrote: Could it be that they didn't give us jspwiki.apache.org/wiki directly because jspwiki.apache.org refers to a different machine (IP address)? But at least j.a.o/wiki redirects to the wiki. Glen On 11/27/2013 03:19 PM, Harry Metske wrote: Juan, X-Forwarded-For header is an excellent idea. I should have thought of that myself :-). I just check on the vm, we get that header passed from the proxy. I will create a JIRA issue for JSPWiki SpamFilter for that. I'll also ask INFRA if it possible to have the URL changed. tx, Harry On 27 November 2013 18:59, Juan Pablo Santos Rodríguez juanpablo.san...@gmail.com wrote: Hi Harry, thanks a lot for pursuing this!! as you say, https://jspwiki-wiki.apache.org/wiki seems a little weird, ideally, jspwiki.a.o/wiki should serve the wiki (same for doc wiki). As for the real ip, could we use x-ip-forwarded-for header? (don't know about fail2ban, but most probably SpamFilter isn't looking in for that header, we should add it) br, juan pablo On Wed, Nov 27, 2013 at 9:40 AM, Harry Metske harry.met...@gmail.com wrote: Folks, Our wiki is now available at : https://jspwiki-wiki.apache.org/wiki See the last comment for the status : https://issues.apache.org/jira/browse/INFRA-5588? focusedCommentId=13833580page=com.atlassian.jira. plugin.system.issuetabpanels:comment-tabpanel#comment-13833580 Does anyone of you have anything to add here ? * I like to see client IP address, so we can use the SpamFilter and fail2ban. * the URL has a double reference to wiki, both in the hostname and the resource after the / (and also for doc), but is not a showstopper to me. kind regards, Harry