I've gotten three separate complaints, automated, but which may cause us some trouble. Apparently our proxy blocker is doing something which some sites perceive to be an attempt to probe for security problems (which, of course, is true).
I think we should be doing this, but until I confirm with our colo that we won't be getting grief for this, I think we should stop.
This is not an emergency, but is something that should be done soon.
Possibly there is a way we can limit the use of the anon proxy probe to cases that are highly suspicious or something?
--Jimbo
Jimmy Wales wrote:
I've gotten three separate complaints, automated, but which may cause us some trouble. Apparently our proxy blocker is doing something which some sites perceive to be an attempt to probe for security problems (which, of course, is true).
Sure, that's exactly what it's doing. Scanning for security problems.
I think we should be doing this, but until I confirm with our colo that we won't be getting grief for this, I think we should stop.
This is not an emergency, but is something that should be done soon.
Possibly there is a way we can limit the use of the anon proxy probe to cases that are highly suspicious or something?
I've switched it off. A possible alternative would be to obtain a proxy list from another source, such as BOPM. I'll look into it.
-- Tim Starling
wikitech-l@lists.wikimedia.org