[WikiEN-l] Editing with open proxies
Ilmari Karonen
nospam at vyznev.net
Sat Jun 16 19:55:19 UTC 2007
MacGyverMagic/Mgm wrote:
> If it is against policy then why aren't we blocking those proxies?
We are, but the problem is that new ones keep popping up all the time.
Still, it *should* be possible to automatically block editing from
*most* Tor exit nodes; if Torstatus can keep up with them, we should be
able to do the same. A few nodes would probably be missed because
they're multihomed or behind transparent proxies, but I don't believe
those are all that common.
Of course, that would only solve the problem for Tor, not for the
countless zombie computers and misconfigured proxies that make up the
majority of the proxy-blocking workload. So I suppose preemptively
blocking Tor may not be seen as a major priority from that perspective.
> And if proxy editing is against policy we should block AOL too as it is
> basically an open proxy to with all the IP switching going on.
IIRC, we did, the moment AOL started allowing people other than their
direct customers to use their proxies. There were calls for blocking
them, at least anon-only, even before that, but for various reasons --
including the number of AOL customers that would've been hit as well as
vague promises from AOL that something would be done about it real soon
now -- it never got done back then. (Not here, anyway; the German
Wikipedia, at least, did block them.)
The issue was finally resolved when AOL eventually got their proxies
configured to send us proper X-Forwarded-For headers and we added them
to the list of trusted proxies from which we accept such headers. Thus,
users editing now via AOL's proxies have their edits assigned to their
actual IP address rather than that of the proxy.
(Needless to say, that won't happen with Tor; their very purpose is to
make it impossible to determine the real IP addresses of their users.)
--
Ilmari Karonen
More information about the WikiEN-l
mailing list