Neil Harris wrote:
I've noticed increasing levels of vandalism via
anonymizing proxies.
We turned off the automatic proxy-scanning some time ago because of
complaints by the clue-deficient who saw this as potential attacks.
However, it might be a good idea to do the following:
* whenever an admin _blocks_ a user, the IP they were editing from
should be automatically proxy-scanned, and blocked indefinitely if it
is an open proxy (_in addition to_ the username/IP block that would
have been applied)
By restricting proxy scans to proven vandals, this will reduce the
rate of proxy scans to a few dozen a day (from tens of thousands
before), and result in a proportionately trivial level of complaints
which can safely be auto-replied or ignored. It will also allow the
reply to be very clear: "we detected abuse from your user, verified
that it was coming from an unsecured proxy on your network, and took
appropriate action".
99% of the code for this already exists, so it should be trivial to
put in place -- however, I'm aware that our heroic developers are
somewhat busy...
-- Neil
Hoi,
We have had some problems with proxy scans before Waerth, a wikimedian
who is really active, has no choise but use a proxy. He is living in
Thailand.
It would be much better to change the working of the banning process.
When an IP range is known to be a proxy, we could disallow anonymous
cowards from editing. As we can be aware that traffic is from a proxy,
we could allow known users from editing from these proxies. In this
manner we prevent vandalism by anonymous cowards while providing a
service to the known good. :)
Thanks,
GerardM