https://bugzilla.wikimedia.org/show_bug.cgi?id=23343
Marcin Cieślak <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[email protected]

--- Comment #8 from Marcin Cieślak <[email protected]> 2011-01-13 01:37:58 UTC ---

The way I understand this bug is that XFF IP addresses should be checked for blocking *irrespective* of the trusted XFF list.

In August 2010 checkusers saw an example of the email spammer that used 19 different IP addresses plus 4 /24 networks and 1 /network full of proxies. But he only had 4 different IP addresses in his XFF headers from a single /16 range of the dynamic IP provider.

Many of those proxies were located on some dynamic DSL locations of unknown provenience, so that marking them as "trusted" would be a recipe for disaster. We don't know whether they allow for private IP addresses, we don't know if they allow fake XFF to be passed over etc.

Besides, I don't believe that TrustedXFF list could (and should) be edited and deployed so quickly to fight abuse like this.

This feature could possibly be enabled by default - there is little damage if someone fakes their XFF header and happens to use a blocked IP address, so be it.

It could become problematic with RFC1918 addresses - for example a non-wikimedia wiki that wishes to block some local user 192.168.0.0/24 would effectively be blocking all poor RFC1918 souls behind some proxies on the whole Internet.

_______________________________________________
Wikibugs-l mailing list
[email protected]
https://lists.wikimedia.org/mailman/listinfo/wikibugs-l
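
The check described in comment #8, as an added example that is not part of the original message and is not MediaWiki code: every address in the XFF header is matched against the block list whether or not the connecting proxy is trusted. Skipping RFC1918 entries that appear only in XFF is one possible answer to the 192.168.0.0/24 concern and is an assumption here; the function names and the block list are constructed for illustration.

```python
import ipaddress

# RFC1918 ranges: meaningless when reported by a proxy of unknown provenance.
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed block list: two documentation ranges and one local range.
BLOCKS = [ipaddress.ip_network(n) for n in
          ("198.51.100.0/24", "203.0.113.7/32", "192.168.0.0/24")]


def parse_xff(header):
    """Return the syntactically valid addresses from an XFF header value."""
    addrs = []
    for part in header.split(","):
        try:
            addrs.append(ipaddress.ip_address(part.strip()))
        except ValueError:
            continue  # malformed entry such as "unknown": ignore it
    return addrs


def matching_blocks(remote_addr, xff_header, blocks=BLOCKS):
    """Return (source, address, network) for every block that applies.

    The connecting address is matched against all blocks, so a wiki can
    still block its own local 192.168.0.0/24 users. XFF addresses are
    matched without consulting any trusted-proxy list, but RFC1918
    entries are skipped because they identify nobody on the Internet.
    """
    hits = []
    remote = ipaddress.ip_address(remote_addr)
    for net in blocks:
        if remote in net:
            hits.append(("remote", str(remote), str(net)))
    for addr in parse_xff(xff_header or ""):
        if any(addr in private for private in RFC1918):
            continue  # assumption: never apply blocks to private XFF hops
        for net in blocks:
            if addr in net:
                hits.append(("xff", str(addr), str(net)))
    return hits
```

A forged XFF value can only add block matches under this scheme, never remove one, which is the "little damage" trade-off the comment accepts.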
