Hallo, Platonides,
Du meintest am 28.05.12:
is it possible that a bad guy fakes his IP address when he creates a page?
[...]
Kind of. If the spammer uses a proxy, and the proxy provides a X-Forwarded-For header, with the IP of the client on behalf of which it is forwarding the request (or more, if there were several proxy hops), MediaWiki will use that IP instead, provided it trusts the proxy. Your apache access_log will report the proxy in such case.
This is most interesting for the case where you have a reverse proxy (such as squid or varnish) in front of your site.
A proxy is considered trusted if its ip appears on $wgSquidServers or $wgSquidServersNoPurge.
Thank you - I'll ask my provider. Now I know what to ask him ...
Viele Gruesse! Helmut