Remarkable number of SL edits apparently by 10.0.0.1 [#7196]
: Remarkable number of SL edits apparently by 10.0.0.1
(2019-02-09 20:49) [#11314]
I don't believe that all the recent edits apparently by 10.0.0.1 are really by the same person, the same organisation, or even from the same country.
By an anonymous person I think. Maybe Zach Gormley.
By Robert Jasiek.
By Zach Gormley
I have noticed 10.0.0.1 at least once on the blocked sites list due to overload.
10.x.x.x addresses are private ipv4 addresses, non-routable on the public internet. The internal addresses for a large organisation, similar to the 192.168.x.x addresses for home networks. So my instinctive first thought is that it shouldn't be appearing at all as a vistor's ip address. This should be the routable ip address of their internet facing router. As this has only started occurring recently, I think it could be related to SL's recent move to a new server on 2019-01-19.
: ((no subject))
(2019-02-10 14:05) [#11315]
I had at least one edit as 10.0.0.1 as well. This is a problem.
: Re: ((no subject))
(2019-02-10 13:28) [#11316]
I agree, which is why I've raised it. If you look at the blocked list, you will see it is blocked today. This isn't the first time.
( I don't think the mechanism of IP address blocking should be discussed here online, as I don't want to give spammers hints on how to get round it. )
I have emailed Arno to draw his attention to this.
: looking into this...
(2019-02-10 14:33) [#11317]
I noticed this phenomenon after moving to the new server (10.0.0.0/8 being unroutable IP address space.) I think it is related to SL now being reachable over IPv6 and some odd behavior of the "what is the real visitor IP address" code in SL's engine.
I thought it's odd & nothing to worry about, but if we inadvertently block people that's no good. I'll dig into this and hopefully come up with a solution soonish.
@tapir: did this happen to you while you were logged in? (Because that definitely shouldn't happen...)
: Re: looking into this...
(2019-02-10 14:59) [#11318]
No, I wasn't logged in.
(2019-02-10 17:49) [#11319]
So indeed, it has to do with IPv6: the code checks for IPv4 addresses and if the client's address does not look like one, it assigns "10.0.0.1". Don't ask :o)
So I have different ways forward now:
- just use the routing prefix of IPv6 (i.e. the first 64 bits) like "2601:1601:d980:538a" (I prefer this variant)
- show full IPv6 addresses like e.g. "2601:1601:d980:538a:a1e0:dabc:53ce:c184" (might be a bit long)
- hide all IP addresses and use something like 'anonymous-1234' (much work...)
- something else?
What's your opinion?
: Re: suggestions?
(2019-02-10 18:06) [#11320]
Yes, I think your suggestion of the routing prefix of IPv6 "2601:1601:d980:538a" looks good, so it gets my vote.
I've been googling ipv6 addressing, but haven't understood it, so there isn't much intellectual heft to my vote.
I think the "2601:1601:d980:538a" looks short enough to work in the wiki change logs without being unwieldy.
I don't like the suggestion of hide all IP addresses and use something like 'anonymous-1234'. That would just lead to a database cross-referencing the 'anonymous-1234' alias to the IPv6 address and then using that for blocking. Added complication with no benefit to my eyes.
(2019-02-10 18:58) [#11321]
Ok, I pushed the changes: just using the IPv6 routing prefix in case of IPv6 numbers. Let's see how it turns out :o)
: Re: fixed
(2019-02-10 22:30) [#11322]
Well, the first result is in.
Longer than I was expecting. That is the full IPv6 address, rather than the routing prefix, I think.
(P.S. Thanks for reacting to do a quick fix. I'm sure this will do for now, letting you think about the consequences of the change. Better to stick with this for now rather than doing a late night change without the time to check how it is working. )
: Re: fixed
(2019-02-12 14:03) [#11323]
Silly bug - should be prefix only now.
: 10.0.0.3 on the automatic block list today
(2019-02-14 21:58) [#11324]
This feels like an indicator that something is still slightly wrong.
(2019-02-15 09:30) [#11325]
This is getting embarrassing :o(
Now the code is bug free -- or so, I hope...
: Re: fixed
(2019-02-17 16:30) [#11326]
Not quite over the line yet. 10.0.0.3 has appeared like the proverbial bad penny on the automatic block list today.