Gerard Meijssen wrote:
Hoi,
A user of the nl:wikipedia who had the misfortune to be blocked on a
proxy server, mentioned that many providers send a
HTTP_X_FORWARDED_FOR header along. This she said could easily be
retrieved using PHP with the variable
$_SERVER["HTTP_X_FORWARDED_FOR"]. Now when this is true, it makes
excellent sense to use this IP-adress for the registration of
contributions but also for the use of blocking specific IP numbers.
I have no idea if our software uses this or not. I thought this a
great idea so I move this remark to you in the hope that we can
enhance our software and make our anti vandal solutions more accurate.
In my experience, caching proxies from ISPs don't usually give an XFF
header. It's only a squid extension anyway, not part of the HTTP
standard. Open proxies give an XFF header maybe 50% of the time.
AOL, for example, gives no information in their HTTP headers which
identifies a user. This is a deliberate policy aimed at protecting
privacy.
-- Tim Starling
If we can cut down on 50% of the inaccurate blocks and many of the
blanket blocks when an XFF header IS given, we achieve a much more fine
grained tool of hurting vandalism without having to resort to always
removing the blocks because of good people being hurt by it. When it is
not feasible because the chance of doctored information from malicious
users is too great it is not possible. But 50% more accuracy when
dealing with proxies sounds good to me.
Thanks,
Gerard