Please keep in mind that sometimes originating client IP in XFF header may be non-routable (10.* or 192.168.*)
On Thu, Jan 22, 2015 at 8:35 AM, Oliver Keyes okeyes@wikimedia.org wrote:
I don't grok that message, I'm afraid; there's a config list of "these IPs are IPs we accept as trusted XFF providers": it's used in CheckUser and similar tools to avoid ending up with everyone geolocating to Virginia. I'm suggesting zero IP ranges that are providing XFFs get added to that so that there's only one thing to maintain and only one thing to check.
On 22 January 2015 at 09:39, Federico Leva (Nemo) nemowiki@gmail.com wrote:
Oliver Keyes, 21/01/2015 02:17:
I'd actually suggest just moving them to the site-wide config files we use for all other recognised proxies.
If they aren't Wikimedia projects specific, there is no reason for them
to
be in WMF configuration. To the contrary, there are ample precedents for such things to be managed on Meta-Wiki (spam blacklist, titleblacklist, interwiki map etc.) even for extensions bundled with core. On the other hand, it would clearly better to outsource the maintenance of such lists
to
a generic provider, as we did with TorBlock.
Nemo
Analytics mailing list Analytics@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/analytics
-- Oliver Keyes Research Analyst Wikimedia Foundation
Analytics mailing list Analytics@lists.wikimedia.org https://lists.wikimedia.org/mailman/listinfo/analytics