[Mediawiki-l] faking IP address?

Helmut Hullen Hullen at t-online.de
Tue May 29 08:55:00 UTC 2012


Hallo, Platonides,

Du meintest am 28.05.12:

>> is it possible that a bad guy fakes his IP address when he creates a
>> page?

[...]

> Kind of. If the spammer uses a proxy, and the proxy provides a
> X-Forwarded-For header, with the IP of the client on behalf of which
> it is forwarding the request (or more, if there were several proxy
> hops), MediaWiki will use that IP instead, provided it trusts the
> proxy. Your apache access_log will report the proxy in such case.

> This is most interesting for the case where you have a reverse proxy
> (such as squid or varnish) in front of your site.

> A proxy is considered trusted if its ip appears on $wgSquidServers or
> $wgSquidServersNoPurge.

Thank you - I'll ask my provider. Now I know what to ask him ...

Viele Gruesse!
Helmut



More information about the MediaWiki-l mailing list