Last modified: 2006-06-28 18:43:37 UTC
Wiktionary now requires all AOL users to use SSL when editing, which bypasses
the proxies that make AOL vandals so frustrating to deal with. (See
http://en.wiktionary.org/wiki/Wiktionary:AOL.) There have been repeated
attempts at suggesting that the solution be implemented for enwiki as well,
accompanied by rumors that the server load would be too great. I could find no
bug filed on this, so I'm opening this to get an official answer on whether this
No changes are needed. Secure.wikimedia.org already is able to all? projects.
Simply change the url from
https://secure.wikimedia.org/wikipedia/en/wiki/Main_Page and advertise it
properly. The same applies for other projects/languages.
Do *not* advertise this for general use; the box handling requests can't serve
the load. This is part of the reason we didn't advertise it for general use when
it was set up.
Actually, we're already advertising it to users hit by AOL blocks, or at least
to those among them who take the time to read [[Wikipedia:Advice_to_AOL_users]]
(linked to from [[MediaWiki:Blockedtext]] on enwiki) all the way to the end.
Very carefully re-read my sentence and note the "for general use" clause. If
that's been there so far and the load hasn't killed the box in question, then we
can deduce there's no problem, or that AOL users can't read.
Sure. I wasn't trying to argue with you, Rob, just comment on the current
situation. Your deduction seems sound to me, too. :)
Well, this request was for a secure server such that all AOL users could be
blocked from editing over insecure servers. Apparently, from what Rob says,
they can't yet, so is this actually FIXED?
More broadly, I think we'd want an automatic redirect to secure servers for AOL
users, which I assume would require a software change. Ideal behavior would be:
AOL anon sees something he wants to edit, clicks Edit, gets invisibly redirected
to https://en.wikipedia.org/wiki/..., and happily edits away, from his
perspective indistinguishably from any other user unless he happens to glance at
the URL. Is this Wikimedia, MediaWiki, or some freakish mutant hybrid of both?
Maybe AOL support X_FORWARDED_FOR header ? That might solve the issue.
(In reply to comment #7)
> Maybe AOL support X_FORWARDED_FOR header ?
[[w:Wikipedia:Dealing with AOL vandals]] says it doesn't. As far as I know
(could be wrong), AOL uses proxies the way it does explicitly for the "privacy"
of its users, so that makes sense.