- From: frozenice <frozenice@frozenice.de>
- Date: Sun, 16 Dec 2012 04:16:43 +0100
- To: public-webplatform@w3.org
- CC: ryan@ryandlane.com
- Message-ID: <50CD3D1B.6090706@frozenice.de>
Hi, as I stated in my other thread from just now (called "Some Charts about WPD Users"), there was a problem with IP addresses. When I asked the database for unique IPs in the recentchanges table (which contains about 26k rows), it replied with merely 18 distinct addresses. I wondered and then it struck me. Because we use a frontend cache (Fastly), user traffic looks like the following: User <--> Fastly <--> WPD This means MediaWiki doesn't see the user's IP, but the IP of a random cache from Fastly. This effectively means we can't block IPs in case of vandalism etc., because we would block a whole bunch of users. I don't know why I haven't thought of this earlier... I guess it's because I normally don't use frontend caches. Now, I don't know if Fastly sends X-Forwarded-For headers (it should) nor if MW can handle those. We would need a whitelist of Fastly IPs to be trusted with the XFF header and MW would then use that value as the real IP. Another thought (which I can't confirm for now) is, that this could also be a source of the session issues. - fro
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Sunday, 16 December 2012 03:17:04 UTC