Last modified: 2010-07-28 20:12:54 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T25982, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 23982 - CAPTCHA can be required when logging in from toolserver
CAPTCHA can be required when logging in from toolserver
Status: RESOLVED FIXED
Product: Wikimedia
Classification: Unclassified
General/Unknown (Other open bugs)
unspecified
All All
: Normal normal (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2010-06-15 18:45 UTC by CBM
Modified: 2010-07-28 20:12 UTC (History)
7 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description CBM 2010-06-15 18:45:16 UTC 
From time to time, the wikimedia servers will decide that a CAPTCHA is required to log in from toolserver hosts such as nightshade.toolserver.org. Once this happens, bots on the toolserver can no longer log in until the CAPTCHA requirement is (automatically) lifted. But there is nothing an individual bot maintainer can do to resolve the problem except turn off their bot and wait. 

One solution would be to exempt toolserver hosts from the CAPTCHA, but that may not be the most desirable solution for various reasons. Maybe there's a better fix? 

This is a tracking bug for possible solutions.
Comment 1 Alex Z. 2010-06-15 22:31:02 UTC 
The ConfirmEdit extension has a $wgCaptchaWhitelistIP setting, so globally exempting the toolserver on WMF wikis would be trivial to do.
Comment 2 p858snake 2010-06-16 00:12:33 UTC 
Shouldn't it already be avoided once it's logged in (assuming the bot is autoconfirmed)?
Comment 3 CBM 2010-06-16 00:24:13 UTC 
If the bot is already logged in, and does not need to log in again, things should be fine for it. But if the bot runs from a cron job, for example, and logs in each time it runs, then being autoconfirmed does not help. 

Also, because there are lots of bots all trying to log in at once, manually solving the captcha and logging in by hand is not a sure fix, like it would be on a home computer. If some other bot tries to log in without the captcha before it is removed, the captcha system will engage again.
Comment 4 X! 2010-06-16 00:40:22 UTC 
Marking as critical, this is a major issue that is preventing multiple bots from logging in.
Comment 5 MZMcBride 2010-06-16 01:58:30 UTC 
$wgCaptchaWhitelistIP = array( '91.198.174.0/24' ); # toolserver (bug 23982)

Synced by Tim a few minutes ago. This resolves the specific current issue, but as this is a tracking bug, it should remain open until a proper fix is implemented.
Comment 6 Tim Starling 2010-06-16 02:11:26 UTC 
It was a proper fix.
Comment 7 X! 2010-06-19 00:02:58 UTC 
Still appears to be an issue. After verifying that everything is still correct, I am getting WrongPass and Throttled errors.
Comment 8 X! 2010-06-19 00:34:25 UTC 
PEBCAK
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links