Last modified: 2006-01-06 20:51:44 UTC

Wikimedia Bugzilla is closed!

Wikimedia migrated from Bugzilla to Phabricator. Bug reports are handled in Wikimedia Phabricator.
This static website is read-only and for historical purposes. It is not possible to log in and except for displaying bug reports and their history, links might be broken. See T6506, the corresponding Phabricator task for complete and up-to-date bug report information.
Bug 4506 - blocking IP blocks hurts registered users
blocking IP blocks hurts registered users
Status: RESOLVED DUPLICATE of bug 550
Product: MediaWiki
Classification: Unclassified
Special pages (Other open bugs)
All All
: Normal normal (vote)
: ---
Assigned To: Nobody - You can work on this!
Depends on:
  Show dependency treegraph
Reported: 2006-01-06 17:50 UTC by ssd
Modified: 2006-01-06 20:51 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Description ssd 2006-01-06 17:50:32 UTC
When dynamic IP's from large ISP's (i.e., AOL and other ISP's) are blocked
because of anonymous vandalism, it hurts registered users with long good edit
histories, because the current mediawiki behavior is to block all users using
that ip.

I propose that such IP's get a special mark in the database indicating that this
BLOCK of ip's is special.  When one of those ip's is blocked, the block only
affects anonymous (and perhaps very new?) users, and does NOT cause an automatic
block of legitimate registered users in good standing.

As currently stands, a vandalizer only needs to register with AOL and never log
in, and they can vandalize to their hearts content with minimal penalty, and we
are powerless to block them.
Comment 1 Drakas Tralas 2006-01-06 18:28:30 UTC
I agree, the same things happen on IRC - my ip has been put into blacklist :(

One thing that Wikipedia's people could do is to actually disable anonymous editing 
for the "blocked" IPs, allowing them to login.

Also, there is a way of blocking people by e-mail address, I am not sure if 
MediaWiki developers had done that or not but i think that it would be a great 
Especially when combined with Blocked IPs.
What i mean is that if the E-Mail is blocked and the user wants to register, theiy 
should get a cookie and their IP address should be blocked until the ISP replies.
As well, a message could be sent to their E-Mail address saying that their E-Mail 
address is being used for vandalising, and if they don't reply e.g. in 24 hours or 
anything - they are reported to ISP.
There are lots of solutions but the thing is that it's hard to take control of 

Another idea popped into my head - just add a cookie to every user, with a unique 
ID ( it can be the id of the Edit ), and add that edit's id into the vandalised 
page list (Probably in MySQL, new table :/).
Whenever the user comes back online, they are monitored ( This does not apply to 
people who are not Vandalising, only to logged people ).
They can be reported to the ISP with monitored addresses and dates/times :).
Only disadvantage is that they can simply delete the cookie file.
But still if there is more security, there is less troubles.
Comment 2 Brion Vibber 2006-01-06 20:51:44 UTC

*** This bug has been marked as a duplicate of 550 ***

Note You need to log in before you can comment on or make changes to this bug.