Login | Register For Free | Help
Search for: (Advanced)

Mailing List Archive: Wikipedia: Mediawiki

faking IP address?

 

 

Wikipedia mediawiki RSS feed   Index | Next | Previous | View Threaded


Hullen at t-online

May 27, 2012, 3:24 AM

Post #1 of 5 (470 views)
Permalink
faking IP address?

Hallo,

is it possible that a bad guy fakes his IP address when he creates a
page?

My wiki (arktur.de/Wiki) suffers from Wiki spam, and sometimes I see IP
addresses from spammers which don't occur in the apache access_log.

Viele Gruesse!
Helmut

_______________________________________________
MediaWiki-l mailing list
MediaWiki-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l


stipen.treublatt at gmx

May 27, 2012, 3:40 AM

Post #2 of 5 (461 views)
Permalink
Re: faking IP address? [In reply to]

Dont bother with the IP-Adresses, install proper Anti-Spam-Extensions.

See http://www.mediawiki.org/wiki/Manual:Combating_spam for a
MediaWiki-Helppage (and follow the links on that page to learn more), or
have a look at
http://www.wiki-aventurica.de/wiki/Wiki_Aventurica:Anti-Spam which is a
short summary of measures that work for me.

I highly recommend using the QuestyCaptcha-part of Confirm-Edit to
prevent account creation, and installing SpamBlacklist to block those
pesky spamlinks.

For this
http://arktur.de/Wiki/index.php?title=Kategorie:Whiteboard&curid=2323&diff=6189&oldid=5388
kind of spam you might need to install SpamRegex or AbuseFilter, though.

Greetings
Stip

Am 27.05.2012 12:24, schrieb Helmut Hullen:
> Hallo,
>
> is it possible that a bad guy fakes his IP address when he creates a
> page?
>
> My wiki (arktur.de/Wiki) suffers from Wiki spam, and sometimes I see IP
> addresses from spammers which don't occur in the apache access_log.
>
> Viele Gruesse!
> Helmut
>
> _______________________________________________
> MediaWiki-l mailing list
> MediaWiki-l [at] lists
> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
>


_______________________________________________
MediaWiki-l mailing list
MediaWiki-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l


stipen.treublatt at gmx

May 27, 2012, 3:43 AM

Post #3 of 5 (458 views)
Permalink
Re: faking IP address? [In reply to]

Alternatively, think about
http://www.mediawiki.org/wiki/Manual:Preventing_access

Am 27.05.2012 12:24, schrieb Helmut Hullen:
> Hallo,
>
> is it possible that a bad guy fakes his IP address when he creates a
> page?
>
> My wiki (arktur.de/Wiki) suffers from Wiki spam, and sometimes I see IP
> addresses from spammers which don't occur in the apache access_log.
>
> Viele Gruesse!
> Helmut
>
> _______________________________________________
> MediaWiki-l mailing list
> MediaWiki-l [at] lists
> https://lists.wikimedia.org/mailman/listinfo/mediawiki-l
>


_______________________________________________
MediaWiki-l mailing list
MediaWiki-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l


Platonides at gmail

May 28, 2012, 9:21 AM

Post #4 of 5 (449 views)
Permalink
Re: faking IP address? [In reply to]

On 27/05/12 12:24, Helmut Hullen wrote:
> Hallo,
>
> is it possible that a bad guy fakes his IP address when he creates a
> page?
>
> My wiki (arktur.de/Wiki) suffers from Wiki spam, and sometimes I see IP
> addresses from spammers which don't occur in the apache access_log.
>
> Viele Gruesse!
> Helmut

Kind of. If the spammer uses a proxy, and the proxy provides a
X-Forwarded-For header, with the IP of the client on behalf of which it
is forwarding the request (or more, if there were several proxy hops),
MediaWiki will use that IP instead, provided it trusts the proxy.
Your apache access_log will report the proxy in such case.

This is most interesting for the case where you have a reverse proxy
(such as squid or varnish) in front of your site.

A proxy is considered trusted if its ip appears on $wgSquidServers or
$wgSquidServersNoPurge.


_______________________________________________
MediaWiki-l mailing list
MediaWiki-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l


Hullen at t-online

May 29, 2012, 1:55 AM

Post #5 of 5 (445 views)
Permalink
Re: faking IP address? [In reply to]

Hallo, Platonides,

Du meintest am 28.05.12:

>> is it possible that a bad guy fakes his IP address when he creates a
>> page?

[...]

> Kind of. If the spammer uses a proxy, and the proxy provides a
> X-Forwarded-For header, with the IP of the client on behalf of which
> it is forwarding the request (or more, if there were several proxy
> hops), MediaWiki will use that IP instead, provided it trusts the
> proxy. Your apache access_log will report the proxy in such case.

> This is most interesting for the case where you have a reverse proxy
> (such as squid or varnish) in front of your site.

> A proxy is considered trusted if its ip appears on $wgSquidServers or
> $wgSquidServersNoPurge.

Thank you - I'll ask my provider. Now I know what to ask him ...

Viele Gruesse!
Helmut

_______________________________________________
MediaWiki-l mailing list
MediaWiki-l [at] lists
https://lists.wikimedia.org/mailman/listinfo/mediawiki-l

Wikipedia mediawiki RSS feed   Index | Next | Previous | View Threaded
 
 


Interested in having your list archived? Contact Gossamer Threads
 
  Web Applications & Managed Hosting Powered by Gossamer Threads Inc.