Neil Harris wrote: (re proxy-scanning on demand)
And I've just realized that this will also have another advantage: legitimate policy-compliant users using open proxies (for whatever reason) won't get automatically banned: they will still be able to edit, so we default to being permissive. The moment that proxy is used for abuse, though, that's another open proxy blocked for good.
More possible heuristics: scan editing IPs for open proxies if the page they are editing has been protected in the recent past, or if the admin revert function has recently been used on that page. This will catch proxy-hopping users who engage in edit wars (Israel/Palestine, Fascism, GW Bush...), but again only add a very small number of scans to the overall total.
As in earlier proposals, we can add a recent-scans record, so an IP won't be scanned more than say once a day, no matter what happens.
-- N.
Here are two final, but possibly less safe, heuristics: * do an open proxy scan on any IP that does a page move * do an open proxy scan on any IP that commits edits at faster than a certain rate
Those might well put a spoke in certain determined vandals' activities.
- N.