- From: frozenice <frozenice@frozenice.de>
- Date: Sun, 16 Dec 2012 19:12:26 +0100
- To: public-webplatform@w3.org
- CC: ryan@ryandlane.com
- Message-ID: <50CE0F0A.9090707@frozenice.de>
This seems useful: http://www.mediawiki.org/wiki/Manual:$wgSquidServersNoPurge - fro On 16.12.2012 04:16, frozenice wrote: > Hi, > > as I stated in my other thread from just now (called "Some Charts about WPD Users"), there was a problem with IP addresses. > > When I asked the database for unique IPs in the recentchanges table (which contains about 26k rows), > it replied with merely 18 distinct addresses. I wondered and then it struck me. > > Because we use a frontend cache (Fastly), user traffic looks like the following: > User <--> Fastly <--> WPD > > This means MediaWiki doesn't see the user's IP, but the IP of a random cache from Fastly. This effectively means > we can't block IPs in case of vandalism etc., because we would block a whole bunch of users. > > I don't know why I haven't thought of this earlier... I guess it's because I normally don't use frontend caches. > > Now, I don't know if Fastly sends X-Forwarded-For headers (it should) nor if MW can handle those. We would need > a whitelist of Fastly IPs to be trusted with the XFF header and MW would then use that value as the real IP. > > Another thought (which I can't confirm for now) is, that this could also be a source of the session issues. > > - fro >
Attachments
- application/pkcs7-signature attachment: S/MIME Cryptographic Signature
Received on Sunday, 16 December 2012 18:12:58 UTC