Last modified: 2011-03-13 18:05:47 UTC

Wikimedia Bugzilla is closed!

Wikimedia has migrated from Bugzilla to Phabricator. Bug reports should be created and updated in Wikimedia Phabricator instead. Please create an account in Phabricator and add your Bugzilla email address to it.
Wikimedia Bugzilla is read-only. If you try to edit or create any bug report in Bugzilla you will be shown an intentional error message.
In order to access the Phabricator task corresponding to a Bugzilla report, just remove "static-" from its URL.
You could still run searches in Bugzilla or access your list of votes but bug reports will obviously not be up-to-date in Bugzilla.
Bug 6988 - Set up Wikimedia open proxy list
Set up Wikimedia open proxy list
Product: Wikimedia
Classification: Unclassified
General/Unknown (Other open bugs)
All All
: Lowest enhancement with 5 votes (vote)
: ---
Assigned To: Nobody - You can work on this!
: shell
Depends on:
  Show dependency treegraph
Reported: 2006-08-12 06:06 UTC by tsor
Modified: 2011-03-13 18:05 UTC (History)
1 user (show)

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Description tsor 2006-08-12 06:06:23 UTC
Because of increasing vandalism on DE some admins are blocking manually hundreds
of IPs of open proxies according "Meta:No open proxies"
( This blocking should
better be done by software which could block for other wiki languages too.

Either block all open proxies once / periocically or check the IP of a user
during creating a new account and during logon. 

Some lists of open proxies on the web:

Comment 1 Andrew Garrett 2006-08-13 02:45:06 UTC
I'd be willing to run a bot to do this. I already have the code to block all Tor
proxies, however I could extend it to whatever other lists you require.
Comment 2 Aryeh Gregor (not reading bugmail, please e-mail directly) 2006-08-13 03:48:00 UTC
There's code hanging around for this, and it looks like it should work. 
Currently the only option is SORBS (does Wikimedia use that?), but it looks like
it should be very simple to set things up to use any blacklist supporting the
standard DNSBL protocol.  Maybe the options for this should be expanded to allow
arbitrary arrays of hostnames rather than just SORBS or nothing, and then this
could be a simple config option.  Any reason why not?

(The advantage of this over bots is that it's simpler and more invisible, not
clogging up logs and whatnot, and undoubtedly it's a good deal faster as well. 
Under the current system there appears to be no way to whitelist an IP that's
blacklisted by a list, however, which might be a downside.)
Comment 3 Jesse (Pathoschild) 2007-04-08 03:28:28 UTC
A blacklist like [[m:Spam blacklist]] would be ideal, particularly if it
recognized CIDR ranges. The blacklist maintained by the [[m:WM:OP|MetaProject on
open proxies]] would be a good start. If some wikis prefer not to block such
proxies automatically for some reason, they could toggle it off much as can be
done with the spam blacklist.

It would solve a problem that is currently overwhelming us, involving a single
static IP address spamming every Foundation wiki with legitimate and widely-used
links in petty revenge for an administrator's refusal to spam blacklist a
legitimate site.

The only current solution would be for a steward to manually create an account
on every Foundation wiki, assign admin access to every account, and block that
one IP address on every wiki. This would need to be done again if they used a
different proxy. This isn't very workable.

The spammer is causing significant disruption on many wikis and can presumably
continue doing so forever; since this is the only workable solution I can think
of, I've increased the priority.
Comment 4 Aryeh Gregor (not reading bugmail, please e-mail directly) 2007-04-08 04:48:15 UTC
This bug is about automatic open proxy blocking, not general-purpose manual crosswiki blocking.  
If you want to start a bug suggesting general-purpose crosswiki block lists, feel free.

Repurposing to be Wikimedia-specific, because we already have DNSBL support in the software AFAIK.
Comment 5 JeLuF 2007-09-01 14:03:44 UTC
Blocking open proxies on sight is considered evil by many. Some countries can only access the internet using open proxies for example. There will be no automatic blocking of open proxies in the foreseeable future. => Closing.

If you disagree, please ask for a board resolution.
Comment 6 Brion Vibber 2007-09-04 18:52:30 UTC
It could, though, be useful to do some automated flagging and human review.

Note You need to log in before you can comment on or make changes to this bug.