Last modified: 2011-12-01 14:55:29 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T26717, the corresponding Phabricator task for complete and up-to-date bug report information.
First Last Prev Next    This bug is not in your last search results.
Bug 24717 - Proxy scanning triggered with every edit, resulting in server overload
Proxy scanning triggered with every edit, resulting in server overload
Status: RESOLVED WORKSFORME
Product: MediaWiki
Classification: Unclassified
General/Unknown (Other open bugs)
1.16.x
PC Linux
: Highest blocker (vote)
: ---
Assigned To: Nobody - You can work on this!
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2010-08-08 02:59 UTC by Terry A. Hurlbut
Modified: 2011-12-01 14:55 UTC (History)
4 users (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Description Terry A. Hurlbut 2010-08-08 02:59:37 UTC 
We have noticed a show-stopping problem with unwanted automatic proxy checking being done without our setting the involved variable ($wgBlockOpenProxies). We are trying to establish a new server that uses cPanel and stores the wiki in a directory like this:

/home/user_name/public_html

With any edit that anyone makes, proxy_check.php goes wild and the entire server is overloaded and can't do anything. This problem first came up rather suddenly when we upgraded to MediaWiki release 1.12. We were told that we could no longer host our wiki on a semi-dedicated server, because other accounts were suffering. So we got a fully dedicated server, but with a different control-panel application (Parallels Plesk) and directory structure:

/var/www/vhosts/domain.name/httpdocs

The problem: we wanted to upgrade our hardware, and also to move back from Plesk to cPanel, after we had issues with administrative e-mail not getting out to new account registrants. The old server doesn't do this unwanted proxy checking, but the new server does--every time. We tried upgrading to MW release 1.16 and disabling all extensions. No joy.

How can we make sure that proxy checking never occurs? Why should MediaWiki not "play nice" with cPanel? Does MW have some script that says that it will do proxy checking automatically if it is on a

/home/user_name/public_html

type directory structure?
Comment 1 Tim Starling 2010-08-08 03:23:12 UTC 
Most likely, $wgBlockOpenProxies was set to true, but you thought it wasn't because you were reading the wrong LocalSettings.php file. Since you probably won't believe me about that, replacing proxy_tools.php with an empty (zero-byte) file would be another possible solution. Or you could delete the wfProxyCheck() call in EditPage.php.
Comment 2 Terry A. Hurlbut 2010-08-09 01:07:36 UTC 
(In reply to comment #1)
> Most likely, $wgBlockOpenProxies was set to true, but you thought it wasn't
> because you were reading the wrong LocalSettings.php file. Since you probably
> won't believe me about that, replacing proxy_tools.php with an empty
> (zero-byte) file would be another possible solution. Or you could delete the
> wfProxyCheck() call in EditPage.php.

I thought that might be it. It's just that my LocalSettings.php says nothing about $wgBlockOpenProxies = true or anything like that.

I might have a workaround. Do you recommend removing $wgProxyKey and/or $wgSecretKey?

How if I explicitly set $wgBlockOpenProxies = false?

I'll remember that: EditPage.php. Comment out the proxy-check call...yes, I'll do that.

On our wiki, we do not permit anonymous editing. Everyone who wants to edit, has to have a password-protected account with us. I see no need to worry about proxies, or about spoofing. I don't care if they come in via a proxy--so long as they authenticate themselves with us.
Comment 3 p858snake 2010-08-09 01:27:23 UTC 
(In reply to comment #2)
> How if I explicitly set $wgBlockOpenProxies = false?
Set it in your localsettings file, It will override whatever the default is, even if it is false.
Comment 4 Chad H. 2010-08-30 13:56:02 UTC 
Cannot replicate on trunk => WFM
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.

Navigation
Links