I've been looking into the open proxy blocking functionality today and have
found some interesting things. Is this what Wikipedia is using to block open
proxies?
One issue that I found is that since proxy_check.php didn't send some client
and other relevant headers to the proxy, several proxies replied with "301
Moved Permanently" responses and wouldn't load the SpecialBlockme.php page
(which is a really cool idea by the way). I'm not sure why this was - but
adding in some fake firefox header information seemed to fix it.
Some proxies seemed to connect to a 2nd proxy before connecting to the final
server. For example if I set my proxy to 62.75.167.11:8080 ,
my IP ends up being listed as 62.75.136.84 when I edit a page, and this IP
is not accepting connections on 8080. This unfortunately circumvents the
benefits of proxy_checker.php.
SpecialBlockme doesn't have an expiry by default, it might be a good idea to
have a more realistic length of blocking especially for something that's
automated, like a global variable $wgProxyDefaultBlockLength which could be
set to something like "3 months". Also, SpecialBlockme doesn't record log
entries for blockingopen proxies, which admins might find useful, so I added
this to our setup by adding these lines:
$log = new LogPage( 'block' );
$log->addEntry( 'block', Title::makeTitle( NS_USER, $ip ), $reason,
$wgProxyDefaultBlockLength) );
I came across this page:
http://meta.wikimedia.org/wiki/Meta:WikiProject_on_open_proxies
Is this project still active? If so, is there any easy way to import updated
versions of this list in an automated fashion? What's the obscure blacklist
that was mentioned in this link, can you tell us more about it Brion?
Travis