[Mediawiki-l] faking IP address?
Hullen at t-online.de
Tue May 29 08:55:00 UTC 2012
Du meintest am 28.05.12:
>> is it possible that a bad guy fakes his IP address when he creates a
> Kind of. If the spammer uses a proxy, and the proxy provides a
> X-Forwarded-For header, with the IP of the client on behalf of which
> it is forwarding the request (or more, if there were several proxy
> hops), MediaWiki will use that IP instead, provided it trusts the
> proxy. Your apache access_log will report the proxy in such case.
> This is most interesting for the case where you have a reverse proxy
> (such as squid or varnish) in front of your site.
> A proxy is considered trusted if its ip appears on $wgSquidServers or
Thank you - I'll ask my provider. Now I know what to ask him ...
More information about the MediaWiki-l