| Revision as of 03:57, 4 June 2007 editπ (talk | contribs)16,573 edits βA general statement: Reβ Previous edit | Latest revision as of 13:39, 2 March 2024 edit undoAtrapalhado (talk | contribs)Extended confirmed users2,683 edits βJust weirdTag: 2017 wikitext editorΒ | ||
| (560 intermediate revisions by more than 100 users not shown) | |||
| Line 1: | Line 1: | ||
| {{talkheader|WT:PROXY|WT:NOP}} | |||
| Discussion, wordsmithing, etc. goes here. --] 21:29, 20 January 2006 (UTC) | |||
| {{tmbox | |||
| | type = notice | |||
| | text = <big>This is '''not''' the page to report suspected open proxies.</big> Please instead create a report at ]. | |||
| }} | |||
| == A confused editor gives a technical perspective on the policy of hardblocking open proxies == | |||
| I've been reading, trying to figure out where the broad consensus that hardblocking, rather than softblocking, anonymous proxies is necessary comes from. I'm a computer scientist, and it deeply offends my sensibilities that Misplaced Pages, a ] application, makes decisions about me based on my choice of ] address. I can appreciate the cleverness of using IP addresses as credentials for anonymous users, and understand the need for IP blocks to fight anonymous vandals, but if a user has an account, they're just as easy to block no matter what IP they're logging in from. | |||
| == No preemptive blocking == | |||
| The lone exception I've been able to find is in ]. This is an interesting and, once again, technically clever system, but it's clearly a hack; it relies on certain aspects of the Internet Protocol that are ''usually'' true but not guaranteed. The advent of mobile computing has forced me as a computer scientist to start dealing with situations where a user's session is not tied to a single IP at all, but could roam between multiple IPs, which is not a trivial issue to deal with (especially over UDP or other unreliable transport: barrels of ink have been spilled over handling this problem in VPN protocols). I typically carry a second IP in my pocket (my iPhone's LTE is as fast as my cable, albeit more expensive), and I can obtain a new one from my cable company at will by tweaking my router's MAC address. IPv6 has already been officially turned on, and it typically hands out thousands or millions of IP addresses to every customer; IPv6-only clients can connect to IPv4 servers using 6to4 or Teredo gateways, which mask their "real" IP just as effectively as anonymous proxies do; since they aren't actually HTTP proxies, though, don't expect the X-Forwarded-For header to solve all your problems! | |||
| Seems like a pretty well-balanced article to me. But I oppose the policy. Open proxies should only be blocked if they are already eligible under existing blocking policy due to vandalism. No preemptive blocking. ] 22:43, 20 January 2006 (UTC) | |||
| In short, blocking anything that breaks Autoblock is short-sighted and misguided. Misplaced Pages is one of the pioneers of the internet community, and it has a responsibility to encourage new and innovative uses of technology, not hinder them because they require more effort to control. | |||
| * Currently, many Misplaced Pages admins (such as on the project mentioned in the article) ''do'' pre-emptively block proxies. Which is why it is important to clarify what the policy actually is. FWIW, I'm all in favor of blocking ''any'' open proxy; though in practice I agree with you that efforts should be focused on those proxies which are actually used for vandalism. --] 22:54, 20 January 2006 (UTC) | |||
| **Oppose all you like; pre-emptive blocking of open proxies is a longstanding policy, both for reasons of vandalism and for the problems it poses to attributing edits, which is required for our license. ]]] 12:16, 21 January 2006 (UTC) | |||
| ***Oh. I had no idea. In that case I support with reservations. :-) ] 05:45, 22 January 2006 (UTC) | |||
| *Why is it "required for our licence"? Since Misplaced Pages is collectively written, and that it accepts unlogged users, what are the differences for this matter betwen an unlogged user and a ] user? Why are anonymous programs forbidden on Misplaced Pages, and where has this policy been decided? Has it been voted? If yes, can a new vote be submitted, what is the "policy on policies"? ] | |||
| **It is interesting that such questions do not get answers. ] 15:40, 4 September 2006 (UTC) | |||
| It seems to me that the IPEXEMPT flag would strike a good balance between automatic sockpuppet prevention and ease-of-use, but current policy is that this flag is given only in "exceptional circumstances," requires trusting an editor with an "admin tool," and that it can be revoked preemptively. I don't understand how this flag could be treated as such a sensitive tool. A minimal level of human (admin) verification needed to assign this flag to an account, on par with the scrutiny for receiving rollback, would effectively prevent the creation of sockpuppet armies, and prevent the use of stolen accounts (which would probably not have applied for the IPEXEMPT flag). (If more assurance that an account would not be stolen in the future were needed, it would be simple to require a prospective IPEXEMPT editor to have a ].) | |||
| == WP:BP == | |||
| It really isn't a good policy; it provides a false sense of security without really attacking the underlying problem. This is typical of hackerish works such as Misplaced Pages, which will continue to lack credibility in scholarly work or in industry. {{unsigned|24.61.5.30}} | |||
| I'm interested in the community's thoughts on this subject. It's my hope that I can provide a valuable technical viewpoint to the consensus-building process. | |||
| This is a very well written piece, but on the other hand the message is already part of ]. Might I suggest you take this text and use it to improve that subheading? ] 02:14, 21 January 2006 (UTC) | |||
| *It's already covered there. I've done a redirect. ]]] 12:16, 21 January 2006 (UTC) | |||
| ] (]) 07:24, 1 March 2013 (UTC) | |||
| Thanks for pointing out the link to ]--initially, I proposed this because I couldn't find it anywhere. That said, I still think that having this policy as separate may be a good idea. | |||
| : {{ping|MrNerdHair}} It's been nearly 7 years and no one has responded to your concern. Sad. I completely concur. For the last couple of years my ISP has no longer given me a unique public IP address, I only have an internal 10.x.x.x address and I'm routed in a ]-like fashion through a public IP that is shared with many other customers (dozens, or possibly hundredsβwho knows). Wikipedians are actively hunting down all the IP addresses of VPNs (even paid ones, see below) and blocking them too. ''Even while logged in with my email verified'' I have to disable my VPN in order to edit Misplaced Pages or even post on a talk page. I think that policy is putting editors' privacy at risk and it's discouraging me from contributing. β ] (]) 05:35, 12 January 2020 (UTC) | |||
| Why? | |||
| I agree with you, indeed no reason to tie to IP adress for any purpuses at all. The first priority should always be the wikipedia ID and only as latest measure should be the list of restrictions by IP, which means there is no way to authenticate the user. ] (]) 22:30, 15 March 2020 (UTC) | |||
| * ] is listed on ], but under the "restricted features" subheading. While ordinary users (like me) can read it, many won't. | |||
| * ] contains numerous clauses of the form "if user/IP '''X''' performs behavior '''Y''' and additional constraints '''Z''' are satisfied; then '''X''' may blocked for time ''t''"; where '''Y''' is some behavior contrary to Misplaced Pages's rules; and '''Z''' usually is appropriate due process or warnings afforded to the user. For most cases, '''Y''' corresponds to an official policy on Misplaced Pages; which is explicitly documented as such. For open proxies, there is no corresponding policy page which clearly sets forth the policy; nothing to directly reference from ]. In short, ] is a policy describing when admins may/should block users; but it's not as well suited for informing users of what they may and may not do. The equivalent in law would be giving judges sentencing guidelines allowing jail time for offenses which are not prohibited in the statutes. Maybe I'm wearing my "lawyer" hat too tight on this point. | |||
| * At any rate, no open proxies is certainly ''de facto'' policy; transparency suggests that it be ''de jure'' policy as well. If you dig around, you can find snippets of info which document the policy (many of which are summarized in the article). Perhaps this is worrying about minutiae, I don't know. | |||
| I don't see the rationale behind the ban for registered autoconfirmed users as well, and this hurts me too since I live under an oppressive censoring government (so i have to use a proxy for my day-to-day browsing to avoid blocks), but Misplaced Pages administration have dismissed my request to give me an exempt w/o providing any reasoning in their decision. Since no one seems to react to the contents of this talk page, is there a better place to discuss such policies? ] (]) 21:30, 30 March 2020 (UTC) | |||
| And not to be rude, Radiant, but I think your move to a redirect was premature--very little discussion has been had on the proposal so far. I'm reverting for now, and adding a few more links--if consensus is to make this a redirect, I'll happily go along. If you revert back (to a redirect) again, I'll leave it alone--but I ask that you allow a bit more discussion to take place first. | |||
| :{{re|L29Ah|SimonEast}} I'd recommend a previous response by me further down this page. The short answer to this concern is that autoconfirmed is not any type of barrier, because we often see that anyone can achieve multiple accounts with this status. You then end up with multiple accounts running across multiple proxies. I'd also give a tip for any future discussions: any proposal which involves converting all hard blocks to soft blocks is unlikely to work. Also, there is rarely such a monolith as 'Misplaced Pages administration', so I would also recommend sending your request to me by email, if you'd like it seriously considered. -- ] <sup>]</sup> 22:23, 30 March 2020 (UTC) | |||
| == Eight years and no solution == | |||
| --] 18:32, 21 January 2006 (UTC) | |||
| Can someone explain to me why nobody has found a way to let long-standing logged-in editors use proxies and VPNs. I've read through both pages of comments and nobody seems to want to fix this. Also MrNerdHair's valid comments above haven't been so much as answered. ] (]) 03:15, 21 July 2013 (UTC) | |||
| Regardless of the decision here; I also recommend that certain other places on Misplaced Pages: ], ], ] ''explicitly'' state that 1) open proxies are disallowed; and 2) point to whatever location in Misplaced Pages (here or ] ''formally'' documents that matter. --] 18:43, 21 January 2006 (UTC) | |||
| :VPN's usually aren't blocked unless they offer a free trial. This page seems to have few watchers... ] (]) 01:07, 4 April 2014 (UTC) | |||
| *Well sure, if this page is to be more expansive there's no harm in keeping it separate. You can flag it policy, by the way, because of precedent and practice. ]]] 22:32, 21 January 2006 (UTC) | |||
| **In other words, all the normal procedures (which certainly would apply to a ''new'' policy) can be bypassed in this case? --] 06:18, 22 January 2006 (UTC) | |||
| ***Well, this is not a new proposal, it is an attempt to codify something that we've done for a long time, and that is frankly already covered in existing policy pages. ]]] 11:10, 22 January 2006 (UTC) | |||
| *** In that case, I'll go ahead and change this from <nowiki>{{proposed}}</nowiki> to <nowiki>{{policy}}</nowiki>. --] 18:27, 22 January 2006 (UTC) | |||
| == |
== Proactive proxy hunting == | ||
| This page violates the ] that ''anyone may edit''. Therefore it ''cannot ever'' be policy as far as I am aware. | |||
| Is there any reason why we can't get subscriptions to paid open proxy servers in an effort to identify exactly which IPs are available so that we can block them? ] <sup>(]|])</sup> 17:15, 26 May 2014 (UTC) | |||
| ] 19:25, 22 January 2006 (UTC) | |||
| :I believe something like that is how {{user|ProcseeBot}} operates, but it only catches one type of proxy that it can immediately and automatically verify.... web proxies, OTOH suffer from an inverse problem in that it's hard to establish with certainty that it is a proxy. ] (]) 21:08, 26 May 2014 (UTC) | |||
| ==This is now the official policy on open proxies== | |||
| :It has been policy and will continue to be as long as Jimbo embraces it . ] 19:41, 22 January 2006 (UTC) | |||
| I just rearranged some articles to say that this page is the official policy on open proxies. I trust this is not controversial. I did not actually change content here. | |||
| I did this because ], a "consensus page" which is weaker than those tagged as ], says to go here for more information. This page previously said that for more information, one should go to ], which is a policy page just like this one. That page said to come here for details, but since all of the information on the topic is here, it should note that this is the main page. Misplaced Pages policy pages should be set up so that one page claims to be the main policy, and other pages refer to that page as the main policy. This is how I rearranged things. The "blocking" page is about blocking generally, and is not really about open proxies, and the IP address page is about something else too. This is the most relevant page, so I made the other pages refer to this one when talking about open proxies. | |||
| ::] doesn't violate the rule that "anyone" can edit--anyone (other than banned users) may do so; they just need to do so from a machine which isn't an open proxy. Given the security risk posed by open proxies; this is a reasonable restriction. In other words, it's a restriction on ''where'' people can edit from; not ''who'' can edit. Obviously, there will be some individuals out there who, due to their particular circumstances, can only edit through an open proxy--persons in mainland China being one large category. (Note that the Chinese government can and does block access to open proxies outside the ]--as use of such proxies can be used to circumvent bans on what Beijing considers seditions content). | |||
| ::One thing that might be a good idea (and may be done, though I'm unaware of it, and it isn't "policy" as of today), is to allow logged-in users (or a subset thereof, screened for sockpuppets, vandals, banned users, and such) to edit from open proxies. Logging in--assuming a secure password--answers the security questions around open proxies. But that would be a ''new'' policy (or a policy change), rather than documentation of what already stands. --] 19:51, 22 January 2006 (UTC) | |||
| The changes that I made are to say that conversations about open proxies, for blocking or otherwise, should go here in this talk forum, and that this is the page where people read policy on open proxies and not elsewhere. ]] 01:18, 17 December 2014 (UTC) | |||
| ::: I've discussed this with some developers on IRC now. I understand it's a delicate balancing act. I am somewhat saddened that this is now policy. :-( ] 20:22, 22 January 2006 (UTC) | |||
| :I am not sure what you are talking about, but I know that somebody has been going around "fixing" articles so that tens of thousands of people with ordinary ] cards can no longer get access to check on the sources for the scores of articles I have written about L.A. topics. If you think this improves the encyclopedia, you are definitely wrong. It stinks: Take it from one who has ] (]) 15:11, 13 January 2020 (UTC) | |||
| == Why Wikimedia, Inc. should not care about IPv4 addresses == | |||
| :::: Again, it's ''been'' policy for quite some time. The creation of this page did '''not''' create a new policy; it just documented and set forth a policy that already existed. In other words, nothing has changed here. --] 20:50, 22 January 2006 (UTC) | |||
| :::::It actually doesn't violate that foundation issue. Anyone can edit. It just means you can't edit over an open proxy. ] 21:14, 23 January 2006 (UTC) | |||
| *Some people are more "anyone" than others. ]]] 15:24, 24 January 2006 (UTC) | |||
| ::Yep. Any simple statement like "...anyone can edit" is obviously going to have exceptions and can't be taken literally at face value. Funny that no one has ever objected to the fact that a starving African or a person in a coma can't edit Misplaced Pages. ] 18:28, 24 January 2006 (UTC) | |||
| ::: That's a little facetious. "Anyone can edit" plainly implies that anyone '''with access to the Web''' can edit Misplaced Pages - which isn't the case if open proxies are blocked, given that such proxies may be a person's only means of gaining Internet access. ] 15:21, 7 February 2007 (UTC) | |||
| ::"WP:NOP does not violate the rule that 'anyone' can edit - anyone... may do so; they just neede to do so from a machine which isn't an open proxy. Given the security risk posed by open proxies; this is a reasonable restriction." I understand that this policy has been enforced because of a "security risk". Can this "risk" be explained? Is there any vote concerning this (or other) policy? ] 18:18, 9 April 2006 (UTC) | |||
| I would like to suggest that IPv4 addresses are no longer a good way to identify users. Most ISPs assign a new IPv4 address periodically (usually, every disconnection from the ISP introduces a new IPv4 address and many ISPs assign a new address at least once every 72 hours, the DHCP default). Because ISPs are no longer allocated sufficient IPv4 addresses to assign a separate address to each connected device, ISPs have begun to use port reassignment (the same as VPNs and Proxies). With port reassignment, users connect to the ISP via an intranet IPv4 address (which can appear to be an ordinary IPv4 address) and the ISP connects the user to the internet via a range of source ports on an internet IPv4 address. Thousands of user devices can use the same IPv4 address. IPv4 addresses are still useful for identification of the company that connects a user or device to the internet. | |||
| == amount of open proxies? == | |||
| US law was changed earlier this year to allow ISPs to sell user information and trace logs, without notice to users. This includes source and destination IP addresses for every connection and (when available) the Latitude and Longitude from which the user is making the connection. This applies even to HTTPS connections. This has caused many of us to turn to VPNs for all internet use. | |||
| Just curious - about how many open proxies are there out in the wild? And about how much of them have been blocked? --] 08:34, 27 February 2006 (UTC) | |||
| For both security and privacy reasons, most US internet users and all mobile connection users (any type of radio connection) should be connected via an encrypted connection to the internet. Radio connections are easily hackable, so an ISP or intermediary that accepts encrypted routing (IP packet) headers is necessary. Encrypted connection to one's ISP or mobile telephone provider is rarely available. | |||
| ==Registered users== | |||
| I can't see why even a registered user (say, registered months, or even years ago, and contributed hundreds of times already) are still being blocked, just because the IP was a shared one. '''I acknowledge that it is necessary to do that due to vandalism issue''', but '''''please re-re-re-consider the registered users.''''' A serious user should be unblocked regardless of which IP s/he uses. Thank you very much. --] 02:56, 9 March 2006 (UTC) | |||
| : Registered users are regularly unblocked when they're affected by such a block. There's a feature request for the ability to block IPs without affecting registered users, but that's currently not possible. // ] (<sub>''''</sub> / <sup>'']''</sup>) 03:18, 9 March 2006 (UTC) | |||
| Requiring HTTPS connections, login IDs, and passwords, and the use of email to confirm each login ID is much more reliable. HTTP connections allow easy packet insertion hacks. If you require an email confirmation for connections that are from a provider the user has not used before, that provides some additional identity assurance beyond the password, if the user's connection to the provider is encrypted. But a provider that accepts unencrypted communication from users (like most ISPs) is not reliable assistance in identifying users. | |||
| :: Has there been any progress implementing this "feature request for the ability to block IPs without affecting registered users"? I am regularly blocked (while logged in) when using Tor. ] 23:31, 24 March 2007 (UTC) | |||
| ] (]) 01:04, 9 November 2017 (UTC) | |||
| : Thanks for the detailed explanation {{ping|Drbits}}. I completely agree. As I noted in my previous comment above, my ISP no longer provides me with my own IPv4 address, I have to share it with dozens, if not hundreds/thousands of other customers. And I cannot edit via a paid VPN because that is also considered a transport for abuse. ''*sigh*'' β ] (]) 05:50, 12 January 2020 (UTC) | |||
| :: I think that if Misplaced Pages established a policy of "trusted" logins, it would help with this problem. I would naturally assume that anonymous edits from open proxies wouldn't be allowed, but what if users who registered jumped through some extra hoops to ensure that they were legitamate? If we created a system where the normal, unauthenticated person on an open proxy can't make edits, but those who create an account with some extra hoops to jump through would be allowed. They would be trusted users on the system, and their edits would be trackable, yet their actual location can be from anywhere. Such a system could be implemented here, so that if a certain user connected through, or contributed from, an exit node or open proxy, as long as they authenticated, there would be something to track if something went wrong, while still protecting that person's right to privacy. :: ] 21:09, 22 August 2006 (UTC) | |||
| === Why requiring VPN disconnection is a problem === | |||
| == Open or anonymous == | |||
| The policy states that ''open or anonymous proxies are currently not allowed to edit''. That "''or''" seems a bit confusing. Are there proxies that are anonymous but not open? If these βrestricted anonymous proxiesβ ''do'' exist, is it allowed to use them for editing? How can someone identify such a proxy? ] 10:51, 5 April 2006 (UTC) | |||
| For security reasons, disconnecting from a VPN often also disables internet connection from most programs. This is not just inconvenient, but it also temporarily blocks antivirus updates, file synchronization, and other security measures. | |||
| : An ''open'' proxy in one which is vulnerable to exploitation, usually by accident. An anonymising proxy is one which hides the identity of the user, but it may be a closed service; anonymising proxies aren't necessarily open. These are more difficult to find, since they aren't flagged by any scans, but they are often advertised or can be detected indirectly. // ]</small>] ] (<sup>'']''</sup>/<sub>]</sub>) 17:30, 4 September 2006 (UTC) | |||
| More sophisticated computer users can greatly improve system security by only leaving the VPN port open in the firewall. | |||
| == stupid question: is a school IP considered an open proxy? == | |||
| ] (]) 01:19, 9 November 2017 (UTC) | |||
| :It looks to me as though all these legitimate complaints about VPN blocking are being systematically ignored. There is no valid reason that confirmed registered users, when logged in, should be blocked from editing, just because of their IP address. I'm starting to believe that some administrators are compulsively and closed-mindedly pressing forward with this policy, "Don't confuse us with the facts". The only plausible explanations I can come up with for this prolonged behavior are... β well, understandably ''human'', but... β still not all that flattering. Respectfully, you guys need to review what you're doing, here.--] (]) 09:30, 22 November 2018 (UTC) | |||
| Can someone explain to me why the following IP's were indefinitely blocked as open proxies: | |||
| ::I understand the concern about traceability, but requiring logins eliminates that. The only other thing I can think of is the concern over DDOS attacks - but those would apply to access to all of the organization's assets. ] (]) 03:27, 19 February 2020 (UTC) | |||
| * {{vandal|62.171.194.4}} | |||
| :::@], ] it has gotten very ugly. Two Misplaced Pages editors were arrested in Saudi Arabia and who knows if it may have had something to do with the inability to use vpn. There is a discussion in ]. <span style="border-radius:8em;padding:0 7px;background:orange">]</span> ] 01:31, 9 January 2023 (UTC) | |||
| * {{vandal|62.171.194.12}} | |||
| * {{vandal|62.171.194.44}} | |||
| While similar IPs from the same range, also repositories for petty vandalism, were labelled school IPs and given mostly short-term blocks: | |||
| * {{vandal|62.171.194.5}} | |||
| * {{vandal|62.171.194.6}} | |||
| * {{vandal|62.171.194.7}} | |||
| * {{vandal|62.171.194.8}} | |||
| * {{vandal|62.171.194.9}} | |||
| * {{vandal|62.171.194.10}} | |||
| * {{vandal|62.171.194.11}} | |||
| * {{vandal|62.171.194.13}} | |||
| * {{vandal|62.171.194.36}} | |||
| * {{vandal|62.171.194.37}} | |||
| * {{vandal|62.171.194.38}} | |||
| * {{vandal|62.171.194.39}} | |||
| * {{vandal|62.171.194.40}} | |||
| * {{vandal|62.171.194.41}} | |||
| * {{vandal|62.171.194.42}} | |||
| * {{vandal|62.171.194.43}} | |||
| * {{vandal|62.171.194.45}} | |||
| I'm currently trying to draft a template to put on all these IPs, and I need to know if I can use the No Open Proxies policy as justification for an indefinite block of the whole range. If these are not Open Proxies, then '''none''' of them should be blocked under this policy. If you have a better suggestion for how to stop vandalism from these IPs, please contribute to the discussion at: ]--] 06:59, 15 May 2006 (UTC) | |||
| == This is so dumb. == | |||
| : These are suspected ]s because they were used by a malicious zombie proxy bot. A few are blocked due to vandalism, but the others should not be since there's only circumstantial evidence that they're vulnerable. // ]</small>] ] (<sup>'']''</sup>/<sub>]</sub>) 17:41, 4 September 2006 (UTC) | |||
| I'm trying to get into the ] website so I can check on a source for an article I posted. Here is what I got, a big message about "Proxies." https://en.wikipedia.org/search/?title=Bernard_Cohn_(politician)&action=submit I've noticed that somebody within the past few years has gone around and messed with ALL the LAPL library sources, and now I can't see the sources for all the articles I've created, and I've done a few hundred or more. I have GOT to be able to check the sources, and so does everybody else. What is the purpose of this? It seems to have been done with no notice to anybody. Sincerely, ] (]) 01:29, 27 September 2019 (UTC) | |||
| ==Hypocritical Policy== | |||
| == Autoconfirmed editors should be allowed to edit through proxies. == | |||
| This policy of ] seems to be one of the most contradictory policies which exists on this project, and as such this policy should be revoked. My reasoning is set out below: | |||
| Autoconfirmed editors should be allowed to edit through proxies. They've already shown that they're not vandals. Blocking them does nothing but prevent constructive edits. ] (]) 05:34, 29 September 2019 (UTC) | |||
| <ul> | |||
| <li>It contradicts the foundation issue of the "ability of anyone to edit | |||
| articles without registering"</li> | |||
| <li>It clearly hinders some contributors particularly those from the People's | |||
| Republic of China and probably prevents some from contributing at all</li> | |||
| <li>It contradicts the policy of "]"</li> | |||
| <li>It adopts the policy of " ]"</li> | |||
| <li>It gives the ] the power to block a wide range of IP | |||
| addresses when there is no proof of ] as set out in the ]. This also makes a nonsense of the principle that all users should act as administrators (]).</li> | |||
| </ul> | |||
| I look forward to your comments ] 21:15, 6 August 2006 (UTC) | |||
| :I'm not sure if this is an answer to my rant above, but if it means I can get back to my Los Angeles Public Library sources (as could anybody else with a Los Angeles Public Library card), I'm in favor of it. ] (]) 05:38, 29 September 2019 (UTC) | |||
| : This page is Foundation policy, ''not'' a local policy, so it override any local policy such as ]. It does not prevent anyone from editing Misplaced Pages; users in censoring countries are free to use private, closed proxies or other bypassing or tunneling methods. It makes no good-faith or bad-faith assumption, but merely prohibits a particular method. Imagine a real-world policy that prohibits the use of ]s for civilian transportation. This does not in any way impact anyone's right to travel, since they're free any of a large number of other vehicles. // ]</small>] ] (<sup>'']''</sup>/<sub>]</sub>) 17:27, 4 September 2006 (UTC) | |||
| :I would agree {{ping|Benjaminikuta}}. Blocking not only open-proxies but any and all VPNs ''even for autoconfirmed editors'' does seem like a great overkill and puts editors' privacy and security at risk. Sadly, it doesn't appear that anyone of influence is reading the posts on this page. Perhaps there's a better location to raise these concerns. β ] (]) 05:46, 12 January 2020 (UTC) | |||
| :: Imagine a fictional world policy where it's forbidden not to smile into every CCTV and where you might or might not get a job as a teacher, be allowed to travel into other countries or even spend the rest of your life in prison depending on your political opinion. This does not in any way impact anyone's right to say his opinion, since they're free to say what they want.--] 01:32, 8 January 2007 (UTC) | |||
| :: Thanks for the reply. Perhaps we could start an RfC? But I'm not so familiar with the procedure. ] (]) 09:10, 12 January 2020 (UTC) | |||
| ==Blocking Logged in Users== | |||
| :::The appropriate place to start would probably be ]. Speaking as someone who deals with abusive sockpuppets and sometimes partially helps to implement this policy, I'd say two things: First, autoconfirmed is no barrier and we often have to deal with multiple autoconfirmed sock farms hopping around multiple proxies. Second, before thinking about a RfC, have a good read of ], which is closely intertwined with this policy. -- ] <sup>]</sup> 14:26, 13 January 2020 (UTC) | |||
| == How banned are VPNs? == | |||
| Why are users who have editing histories and are not new also being blocked from using proxies? It seems to me that if someone wishes to use ] or such and they are willing to log in they should be allowed to. This helps contribute to ]. Why must wikipedia have my real IP on file? ] 15:39, 4 September 2006 (UTC) | |||
| "using a VPN to edit is not permitted." | |||
| : Each registered user's IP address is stored temporarily so that administrators can deal with abuse. A registered user's IP address can only be determined by a very small number of carefully selected users, and is automatically purged from the database after a set interval of under a few weeks. Allowing users to create accounts from open proxies goes against the spirit of the prohibition against open proxies, since it undermines that safeguard against abuse. | |||
| This was news to me! | |||
| : Recent changes to the software allow administrators to block an open proxy and disallow new account creation, while leaving existing accounts unblocked; whether to do so or not is a matter of individual opinion. If you wish to safeguard your IP address, you are free to use a personal, closed proxy. // ]</small>] ] (<sup>'']''</sup>/<sub>]</sub>) 17:03, 4 September 2006 (UTC) | |||
| Now, I recognise that there are good reasons to block some anonymising services. However ''for a logged-in WP account'', particularly one which is autoconfirmed, been here for years etc., why is their use of a VPN as an ''invisible'' transport mechanism from them to WP (for reasons which quite honestly are just none of our business) any sort of problem? ] (]) 16:55, 8 March 2020 (UTC) | |||
| :: What I fail to understand is if I am a user with a history, why am I not allowed to use a proxy? I have already signed up without using a proxy. So wha tis the big deal with it? A legitimate reason to use a proxy that encrypts such as TOR is to prevent eavesdropping by an ISP or intermediary. It is not necessarily to hide from Misplaced Pages staff. You see the connection between the local computer and the remote proxy is encrypted. Another reason might be to help prevent against broad survalience whereby an entity does something such as "poll up a list of all people who accessed page X within the last year". I hold that user who has a helpful established history with wikipedia should not be prevented from using a proxy. If you do have problems with them, then you can suspend their account and they would no longer be able to use the proxy to edit. Using an open proxy should not be seen as abuse. Nor should it be construed to undermine safeguards when in reality it does no such thing. ] 21:06, 7 December 2006 (UTC) | |||
| :Yeah, this is definitely not the case, but an uncommonly held misbelief which really should be corrected. You won't find it written in policy. -- ] <sup>]</sup> 17:41, 8 March 2020 (UTC) | |||
| :::The problem is establishing whether a user has a legitimate history. It may be fine to allow you or any number of legitimate users in, but allowing registered users means that ''anyone'' who has merely registered an account is able to edit through these. This poses a problem with aged socks, etc., and it would only take one intelligent vandal to require that the open proxies be fully blocked to prevent it. β]β] • 22:36, 29 December 2006 (UTC) | |||
| :: This was an admin refusing an unblock request (presumably some sort of IP ban collision). ] {{ping|331dot}} ] (]) 19:26, 8 March 2020 (UTC) | |||
| ::: I have recently become aware that the requirements for IPBEs have been loosened from my initial understanding of them. I'm still working on this. ] (]) 19:31, 8 March 2020 (UTC) | |||
| == Can open proxies be used in a countries that blocked Misplaced Pages? == | |||
| == Policy issue that needs to be addressed. == | |||
| Is there's exception that open proxies can be used for any countries that blocked Misplaced Pages (e.g. China)? ] (]) 18:01, 6 May 2022 (UTC) | |||
| Please see . Should such servers be blocked? ] 02:49, 8 September 2006 (UTC) | |||
| :See ]. ]] 07:03, 20 September 2022 (UTC) | |||
| The discussion mentioned is now ]. No, such servers should not be blocked, and yes, the issue needs to be addressed. Urgently. ] 16:34, 5 November 2006 (UTC) | |||
| :Use to access the WP without changing the IP address. ] (] | ]) 01:06, 22 December 2022 (UTC) | |||
| ==There is a discussion at Village Pump== | |||
| == Tor == | |||
| There is a discussion of this policy at ]. Your input is welcome! --<span style="border-radius:8em;padding:0 7px;background:orange">]</span> ] 15:58, 11 January 2023 (UTC) | |||
| == Should we add a page about Google One/Private Relay? == | |||
| Same banned users and others that have "left" the project, are now using ] (http://tor.eff.org/) . What can be done? ] <small>] • ]</small> 04:09, 14 September 2006 (UTC) | |||
| I know that Google One VPN is blocked. How about people using Private Relay from Apple- would that be considered an open proxy too? I think we might need to make a page about this as a lot of people might be using it and they may not be aware. ] (]) 19:57, 14 April 2023 (UTC) | |||
| == Legitimate uses for open proxies == | |||
| ==Just weird== | |||
| There are many legitimate uses for open proxies. One notable example is China and its Great Firewall. With over a fifth of the world's population unable to edit Misplaced Pages via normal methods, this policy discriminates against a large percentage of the world's population. does not offer as good privacy protection as, say, TOR for example. This is a problem, for users in China and elsewhere, who are worried about being persecuted for their edits. According to ], "Blocks may be imposed where threats have been made or actions performed (including actions outside the Misplaced Pages site) that expose Misplaced Pages editors to political, religious, or other persecution by government, their employer, or anyone else." This policy is exposing Misplaced Pages editors to such prosecution. (And no, I'm not suggesting blocking anyone for following this policy, I'm suggesting changing the policy.) Not only users in China, but users in all governments that have restrictive laws (inclusive) or enforcement, as well as non-governments that monitor internet usage, for whatever reason. Yes, vandals and blocked users may use proxies too, but is the perfect state of Wikpedia's articles more important that people's lives and well-being? | |||
| I know I'm about to bring out a lot of angry men shouting about sockpuppets, but it just seems bizarre to me that Misplaced Pages allows people to edit through random URLs without registration, but apparently can't find a way to allow registered editors with thousands of good edits to edit through a commercial VPN.] (]) 13:38, 2 March 2024 (UTC) | |||
| If you think that editors who have such concerns simply shouldn't edit, isn't that against the spirit of the Foundation policy that anyone may edit? And doesn't it encourage ] by discouraging editors from China and other places with restrictive goverments from editing, and discouraging the editing of controversial topics? | |||
| To make it absolutely clear, I '''strongly oppose''' this policy. I would support soft-blocking proxies such that anon IPs could not edit, but registered users could. | |||
| β ] (]|]) 01:07, 21 October 2006 (UTC) | |||
| == Why indefinite blocking? == | |||
| I have asked the same question at ]. What is the reason for indefinitely blocking? These IPs are going to change at some point, and someone is going to have to take the time to unblock them all. Why not block for 1 year or 3 years? β]β] • 02:23, 21 October 2006 (UTC) | |||
| :The wording and the default block length for the proxy template have since been changed. β]β] • 01:03, 25 May 2007 (UTC) | |||
| == Are you trying to ban Thailand? == | |||
| I '''strongly oppose''' the use of this policy to block positive contributions from established, registered users. Two of the biggest ISPs in Thailand, True internet and CS Loxinfo, have been blocked under this policy. I have to wonder what "open proxy" is supposed to suggest in this context.... these are paid services; I very much doubt that trying to use IPs such as 203.144.144.164 (True) and 203.146.247.78 (CS Loxinfo) through a proxy client would get anyone very far.... | |||
| CS Loxinfo is Thailand's Biggest Internet Service Provider. It is operated by ], which holds a monopoly on satellite operation in the Kingdom of Thailand. I can't imagine that blocking such services is what this policy was intended to achieve. | |||
| The indiscriminate application of this policy has now made it extremely difficult for me to edit Misplaced Pages, and I presume that other Thailand based users must be having similar problems. I will persevere, for now, with other ISPs, in the full expectation that these, too, will eventually be blocked as "open proxies". Of course, if every ISP I can possibly use is going to be systematically blocked, I will eventually be obliged to take an extended wikibreak.... along with thousands of other users in the Kingdom... until the application of this policy is reconsidered. ] 06:19, 5 November 2006 (UTC) | |||
| == Solution of the problem: more action - more reaction == | |||
| There is no need to block any open proxies. Instead of this You can maintain automagically (not, as now, manually) generated list of ip addresses that are most frequently used to vandalize Misplaced Pages. Let Wikipedians that are somehow more trusted (for example having at least x edits) report vandalisms from ips in a format that can be easily understood by Misplaced Pages computers. Those computers would count cases of vandalism and in situations when number of edits from some address that are vandalisms would in some period of time be greater than some value (let it be 1/month) they would put this address on a list of restricted (not blocked) addresses. | |||
| Not logged users making edit to some Misplaced Pages article from those restricted addresses would everytime have to first pass defenses set by Misplaced Pages (for example they would have to write in a form a long sequence of random letters that they would see on an image). If, despite of those measures, number of vandalisms in edits from some address would increase, defenses would be automagically toughen (the number of random letters to write in would be increased), and, inversely, when number of vandalisms in edits from some adress would decrease, defenses would be relaxed and the number of letters to write would be decreased (to 0, when number of vandalisms would drop below 1/month). | |||
| Simply speaking: it would give to users of all open proxies ability to edit Misplaced Pages, and Misplaced Pages ability to keep number of vandalisms made using open proxies on low level, with much less manual work. | |||
| Lukasz 2 February 2007 | |||
| == Users from China are banned by this policy == | |||
| This policy effectively bans users from China. I've previously used Tor to circumvent the block, but it stopped to work after I updated Firefox to version 2.0. I think it's because the Switchproxy plug-in for Firefox doesn't work. Even Tor was not a good solution, because for most users it's too difficult to install. Anyway, I've not been able to access articles since then without using an open proxy. The alternative access to Misplaced Pages explained somewhere else ( ) also doesn't work any more. I strongly oppose the ban, and I'm forced to breach it to even make this statement. β] 03:33, 9 February 2007 (UTC) | |||
| :There is no way to not have this ban. If open proxies were allowed, they would be repeatedly and endlessly used by vandalsβand therefore blocked just as they are now. The only difference is that with this policy they are blocked before the vandalism. β]β] • 03:32, 16 February 2007 (UTC) | |||
| ::Correction: They are blocked whether there is vandalism or not. I also strongly oppose this policy. The number of good faith editors that are hit hard by it is too large to call it accidental any more. - ] 12:26, 19 February 2007 (UTC) | |||
| ::: "There is no way not to have this ban"? There is no way not to exclude one fifth of the world population from Misplaced Pages? There is no way not to exclude a community of Internet users larger than in the United States? (On the number of Internet users in China, see Natalie Pace, , ] 2006; , ] 2005) | |||
| ::: There must be a way! Pre-emptively blocking such a large number of users is totally out of proportion. This policy exacerbates the ] of Misplaced Pages. β] 03:44, 25 February 2007 (UTC) | |||
| I agree with Babelfisch and Andre Engels that this is a huge problem. You are probably blocking more good faith editors than vandals with this policy. Note that these good faith editors even might have helped you vandal-hunting.--] 12:08, 25 February 2007 (UTC) | |||
| :Because it only takes one vandal to make use of thousands of proxies to cause havoc, it makes no difference how many persons are affected by the block. Welcome to the technology age: one person has through technology more power than 100 million Chinamen manually reverting vandalism. β]β] • 19:02, 25 February 2007 (UTC) | |||
| :: ], your racist slur is not appreciated. β] 05:41, 22 March 2007 (UTC) | |||
| :::Huh? β]β] • 03:27, 31 March 2007 (UTC) | |||
| ::::I've modified the word, since he indicates he didn't know it was offensive. ]Β·] 06:30, 31 March 2007 (UTC) | |||
| ::::: How can you "modify" another user's contribution in the middle of a discussion? If he "doesn't know" that "Chinamen" is an offensive term, why "help" him by replacing "Chinamen" by "Chinese people"? This is ridiculous. β] 07:47, 2 April 2007 (UTC) | |||
| As there seems to be no willingness to solve this problem on this discussion page, I've also started a discussion here: ] β] 07:29, 3 April 2007 (UTC) | |||
| == Suggestion of proxy open parts of wikipedia == | |||
| Could we create a second proxy open talk page or open the talk pages for proxies? This would allow many more user's to contribute (sourced information can be presented on the talk page and than inserted by users who can edit the article). Talk page's didn't seem to be sexy enough for most vandals, so I presume the chances of an increased misuse are comparably low. ] 18:58, 25 February 2007 (UTC) | |||
| :That becomes useless once it is used by vandalbots. β]β] • 18:59, 25 February 2007 (UTC) | |||
| ::And you can't use vandalbots on wikipedia without proxies? Besides if we use a seperate page it is quite simple to require a registration for edits. ] 11:38, 26 February 2007 (UTC) | |||
| :::If you use vandalbots without proxies, the IP address or even range which it uses is blocked. If you use them with open proxies, there are thousands upon thousands of IP addresses of all designation which can be used endlessly, unless open proxies are blocked. β]β] • 17:22, 3 March 2007 (UTC) | |||
| :I can see some potential value, although I'm not sure how much demand there would be. There are already many, many articles with no talk page activity so I'm not sure that adding a second talk page would gain much, particulalry since it would need the good graces of another user to transfer material across. | |||
| :I'm not sure how it could be achieved, but I'm sure it could be worked into the mediawiki software. | |||
| :] 20:37, 2 March 2007 (UTC) | |||
| == "banned" == | |||
| In other contexts, "banned" means that all such edits may be reverted on sight, regardless of 3RR. Can it be clarified that this does or does not mean that here? It's being argued elsewhere that it does (and, that, incidentally, if someone you edit war with later turns out to be an open proxy, your 3RR block can be overturned, even if you weren't "reverting open proxy edits" at the time): ] --] 12:04, 14 May 2007 (UTC) | |||
| I've made an edit suggesting an alternate wording. "Banned" is a term that has a specific meaning here and should not be used. --] 12:07, 14 May 2007 (UTC) | |||
| :In the other usage, the ''person'' is banned. Here, the ''service'' or the ''IP address when an open proxy'' is banned. β]β] • 19:18, 18 May 2007 (UTC) | |||
| == Stupid Policy == | |||
| What next? Should we block all muslim users because they ''may'' vandalise certain pages? Should we block American IP addresses because they ''may'' vandalise and misspell words? Or how about blocking all Nigerian addresses as they could be used in scams and user page spam? This policy is stupid. The vast majority of vandalism I've detected on Wikibooks and Misplaced Pages comes from closed IP addresses and usernames. How much time is being wasted on this policy? As an administrator on Wikibooks I refuse to take any part in this joke policy. ] 11:58, 3 June 2007 (UTC) | |||
| :This policy affects no one who is not otherwise able to access the Internet. If you block these ethnic IP address that you have peculiarly chosen, you have blocked the person's primary and only IP address; if you block an open proxy, the person is free to use their primary Internet access. On the other hand, if you do not uniformly block these ethnic IP addresses, and a person using one vandalizes, the vandalism can be effectively stopped by blocking the ethnic IP address; but if you do not uniformly block open proxies, and a person using one vandalizes, they are perfectly capable of moving on to another open proxy, and another and another if you block them, leaving you to play Whac-A-Mole until all the open proxies are blocked anyway, thus resulting in the same result you tried to avoid by not blocking open proxies, but with a battle-field of vandalism in your wake. How much time would be wasted on reverting untraceable, unpreventable vandal bots if open proxies were not blocked? You consider it a joke because you do not understand it and have chosen a very poor analogy to try to make sense of it. β]β] • 21:38, 3 June 2007 (UTC) | |||
| == A general statement == | |||
| I do not intend this to be a decree or anything overriding policy. This is merely a statement. | |||
| I think this policy is currently overbroad, in that it does not appear to take proper recognition of the | |||
| incredible good we can do by working within reason to allow and encourage people who have special circumstances | |||
| to be able to edit using anonymizing tools such as Tor. As I am told, we have recently switched from soft blocking | |||
| Tor exit nodes (something I approve of, due to the incredible firehose of vandalism they can be otherwise) to hard | |||
| blocking Tor exit nodes (something I do not approve of, since this totally forbids Tor users from editing Misplaced Pages at all, | |||
| rather than merely imposing a 4 day waiting period on them). | |||
| I would like this policy to be (thoughtfully, slowly, and with due consideration for all valid viewpoints) revised a bit | |||
| to include a stronger acknowledgment that editing via open proxies can be a valid thing to do.--] 03:38, 4 June 2007 (UTC) | |||
| I do not know if I have changed my mind from . But I don't think so. I still support generally blocking anonymous proxies, but I support using soft blocks rather than hard blocks.--] 03:41, 4 June 2007 (UTC) | |||
| :I'm going to have to agree with this. I think our blanket "cannot use open proxies" policy is inherently a bad thing, at least in regards to Tor. While I will admit a good many vandals do use Tor, we also have a good many users (including all of China) who are unable to edit just because we said "sorry, we choose to not let you contribute." I think we're better off letting Tor be open and deal with vandalism/sockpuppetry as it comes along, rather than making an at-large ban and shutting out potentially constructive members of our community. <span style="color:red;font-weight:bold">^</span>]<sup></span>]]</sup> <em style="font-size:10px;">03:57, 4 June 2007 (UTC)</em> | |||
Latest revision as of 13:39, 2 March 2024
| This is the talk page for discussing improvements to the Open proxies page. |
|
| Archives: 1, 2 |
 | This is not the page to report suspected open proxies. Please instead create a report at Misplaced Pages:WikiProject on open proxies. |
A confused editor gives a technical perspective on the policy of hardblocking open proxies
I've been reading, trying to figure out where the broad consensus that hardblocking, rather than softblocking, anonymous proxies is necessary comes from. I'm a computer scientist, and it deeply offends my sensibilities that Misplaced Pages, a Layer 7 application, makes decisions about me based on my choice of Layer 3 address. I can appreciate the cleverness of using IP addresses as credentials for anonymous users, and understand the need for IP blocks to fight anonymous vandals, but if a user has an account, they're just as easy to block no matter what IP they're logging in from.
The lone exception I've been able to find is in WP:ABK. This is an interesting and, once again, technically clever system, but it's clearly a hack; it relies on certain aspects of the Internet Protocol that are usually true but not guaranteed. The advent of mobile computing has forced me as a computer scientist to start dealing with situations where a user's session is not tied to a single IP at all, but could roam between multiple IPs, which is not a trivial issue to deal with (especially over UDP or other unreliable transport: barrels of ink have been spilled over handling this problem in VPN protocols). I typically carry a second IP in my pocket (my iPhone's LTE is as fast as my cable, albeit more expensive), and I can obtain a new one from my cable company at will by tweaking my router's MAC address. IPv6 has already been officially turned on, and it typically hands out thousands or millions of IP addresses to every customer; IPv6-only clients can connect to IPv4 servers using 6to4 or Teredo gateways, which mask their "real" IP just as effectively as anonymous proxies do; since they aren't actually HTTP proxies, though, don't expect the X-Forwarded-For header to solve all your problems!
In short, blocking anything that breaks Autoblock is short-sighted and misguided. Misplaced Pages is one of the pioneers of the internet community, and it has a responsibility to encourage new and innovative uses of technology, not hinder them because they require more effort to control.
It seems to me that the IPEXEMPT flag would strike a good balance between automatic sockpuppet prevention and ease-of-use, but current policy is that this flag is given only in "exceptional circumstances," requires trusting an editor with an "admin tool," and that it can be revoked preemptively. I don't understand how this flag could be treated as such a sensitive tool. A minimal level of human (admin) verification needed to assign this flag to an account, on par with the scrutiny for receiving rollback, would effectively prevent the creation of sockpuppet armies, and prevent the use of stolen accounts (which would probably not have applied for the IPEXEMPT flag). (If more assurance that an account would not be stolen in the future were needed, it would be simple to require a prospective IPEXEMPT editor to have a committed identity.)
I'm interested in the community's thoughts on this subject. It's my hope that I can provide a valuable technical viewpoint to the consensus-building process.
MrNerdHair (talk) 07:24, 1 March 2013 (UTC)
- @MrNerdHair: It's been nearly 7 years and no one has responded to your concern. Sad. I completely concur. For the last couple of years my ISP has no longer given me a unique public IP address, I only have an internal 10.x.x.x address and I'm routed in a NAT-like fashion through a public IP that is shared with many other customers (dozens, or possibly hundredsβwho knows). Wikipedians are actively hunting down all the IP addresses of VPNs (even paid ones, see below) and blocking them too. Even while logged in with my email verified I have to disable my VPN in order to edit Misplaced Pages or even post on a talk page. I think that policy is putting editors' privacy at risk and it's discouraging me from contributing. β SimonEast (talk) 05:35, 12 January 2020 (UTC)
I agree with you, indeed no reason to tie to IP adress for any purpuses at all. The first priority should always be the wikipedia ID and only as latest measure should be the list of restrictions by IP, which means there is no way to authenticate the user. Sanaris (talk) 22:30, 15 March 2020 (UTC)
I don't see the rationale behind the ban for registered autoconfirmed users as well, and this hurts me too since I live under an oppressive censoring government (so i have to use a proxy for my day-to-day browsing to avoid blocks), but Misplaced Pages administration have dismissed my request to give me an exempt w/o providing any reasoning in their decision. Since no one seems to react to the contents of this talk page, is there a better place to discuss such policies? L29Ah (talk) 21:30, 30 March 2020 (UTC)
- @L29Ah and SimonEast: I'd recommend a previous response by me further down this page. The short answer to this concern is that autoconfirmed is not any type of barrier, because we often see that anyone can achieve multiple accounts with this status. You then end up with multiple accounts running across multiple proxies. I'd also give a tip for any future discussions: any proposal which involves converting all hard blocks to soft blocks is unlikely to work. Also, there is rarely such a monolith as 'Misplaced Pages administration', so I would also recommend sending your request to me by email, if you'd like it seriously considered. -- zzuuzz 22:23, 30 March 2020 (UTC)
Eight years and no solution
Can someone explain to me why nobody has found a way to let long-standing logged-in editors use proxies and VPNs. I've read through both pages of comments and nobody seems to want to fix this. Also MrNerdHair's valid comments above haven't been so much as answered. ιε·₯ε·³ε εεΉηΆε·₯ζ° (talk) 03:15, 21 July 2013 (UTC)
- VPN's usually aren't blocked unless they offer a free trial. This page seems to have few watchers... Sailsbystars (talk) 01:07, 4 April 2014 (UTC)
Proactive proxy hunting
Is there any reason why we can't get subscriptions to paid open proxy servers in an effort to identify exactly which IPs are available so that we can block them? GabeMc 17:15, 26 May 2014 (UTC)
- I believe something like that is how ProcseeBotΒ (talkΒ Β· contribs) operates, but it only catches one type of proxy that it can immediately and automatically verify.... web proxies, OTOH suffer from an inverse problem in that it's hard to establish with certainty that it is a proxy. Sailsbystars (talk) 21:08, 26 May 2014 (UTC)
This is now the official policy on open proxies
I just rearranged some articles to say that this page is the official policy on open proxies. I trust this is not controversial. I did not actually change content here.
I did this because Misplaced Pages:Blocking_IP_addresses#Open_proxies, a "consensus page" which is weaker than those tagged as Misplaced Pages:Policies and guidelines, says to go here for more information. This page previously said that for more information, one should go to Misplaced Pages:Blocking_policy#Open_or_anonymous_proxies, which is a policy page just like this one. That page said to come here for details, but since all of the information on the topic is here, it should note that this is the main page. Misplaced Pages policy pages should be set up so that one page claims to be the main policy, and other pages refer to that page as the main policy. This is how I rearranged things. The "blocking" page is about blocking generally, and is not really about open proxies, and the IP address page is about something else too. This is the most relevant page, so I made the other pages refer to this one when talking about open proxies.
The changes that I made are to say that conversations about open proxies, for blocking or otherwise, should go here in this talk forum, and that this is the page where people read policy on open proxies and not elsewhere. Blue Rasberry (talk) 01:18, 17 December 2014 (UTC)
- I am not sure what you are talking about, but I know that somebody has been going around "fixing" articles so that tens of thousands of people with ordinary Los Angeles Public Library cards can no longer get access to check on the sources for the scores of articles I have written about L.A. topics. If you think this improves the encyclopedia, you are definitely wrong. It stinks: Take it from one who has BeenAroundAWhile (talk) 15:11, 13 January 2020 (UTC)
Why Wikimedia, Inc. should not care about IPv4 addresses
I would like to suggest that IPv4 addresses are no longer a good way to identify users. Most ISPs assign a new IPv4 address periodically (usually, every disconnection from the ISP introduces a new IPv4 address and many ISPs assign a new address at least once every 72 hours, the DHCP default). Because ISPs are no longer allocated sufficient IPv4 addresses to assign a separate address to each connected device, ISPs have begun to use port reassignment (the same as VPNs and Proxies). With port reassignment, users connect to the ISP via an intranet IPv4 address (which can appear to be an ordinary IPv4 address) and the ISP connects the user to the internet via a range of source ports on an internet IPv4 address. Thousands of user devices can use the same IPv4 address. IPv4 addresses are still useful for identification of the company that connects a user or device to the internet.
US law was changed earlier this year to allow ISPs to sell user information and trace logs, without notice to users. This includes source and destination IP addresses for every connection and (when available) the Latitude and Longitude from which the user is making the connection. This applies even to HTTPS connections. This has caused many of us to turn to VPNs for all internet use.
For both security and privacy reasons, most US internet users and all mobile connection users (any type of radio connection) should be connected via an encrypted connection to the internet. Radio connections are easily hackable, so an ISP or intermediary that accepts encrypted routing (IP packet) headers is necessary. Encrypted connection to one's ISP or mobile telephone provider is rarely available.
Requiring HTTPS connections, login IDs, and passwords, and the use of email to confirm each login ID is much more reliable. HTTP connections allow easy packet insertion hacks. If you require an email confirmation for connections that are from a provider the user has not used before, that provides some additional identity assurance beyond the password, if the user's connection to the provider is encrypted. But a provider that accepts unencrypted communication from users (like most ISPs) is not reliable assistance in identifying users. Drbits (talk) 01:04, 9 November 2017 (UTC)
- Thanks for the detailed explanation @Drbits:. I completely agree. As I noted in my previous comment above, my ISP no longer provides me with my own IPv4 address, I have to share it with dozens, if not hundreds/thousands of other customers. And I cannot edit via a paid VPN because that is also considered a transport for abuse. *sigh* β SimonEast (talk) 05:50, 12 January 2020 (UTC)
Why requiring VPN disconnection is a problem
For security reasons, disconnecting from a VPN often also disables internet connection from most programs. This is not just inconvenient, but it also temporarily blocks antivirus updates, file synchronization, and other security measures.
More sophisticated computer users can greatly improve system security by only leaving the VPN port open in the firewall. Drbits (talk) 01:19, 9 November 2017 (UTC)
- It looks to me as though all these legitimate complaints about VPN blocking are being systematically ignored. There is no valid reason that confirmed registered users, when logged in, should be blocked from editing, just because of their IP address. I'm starting to believe that some administrators are compulsively and closed-mindedly pressing forward with this policy, "Don't confuse us with the facts". The only plausible explanations I can come up with for this prolonged behavior are... β well, understandably human, but... β still not all that flattering. Respectfully, you guys need to review what you're doing, here.--IfYouDoIfYouDon't (talk) 09:30, 22 November 2018 (UTC)
- I understand the concern about traceability, but requiring logins eliminates that. The only other thing I can think of is the concern over DDOS attacks - but those would apply to access to all of the organization's assets. Drbits (talk) 03:27, 19 February 2020 (UTC)
- @Drbits, User:IfYouDoIfYouDon't it has gotten very ugly. Two Misplaced Pages editors were arrested in Saudi Arabia and who knows if it may have had something to do with the inability to use vpn. There is a discussion in Misplaced Pages:Village pump (WMF)/Archive 6#Saudi Arabia arrests two Misplaced Pages adminstors. Thinker78 (talk) 01:31, 9 January 2023 (UTC)
- I understand the concern about traceability, but requiring logins eliminates that. The only other thing I can think of is the concern over DDOS attacks - but those would apply to access to all of the organization's assets. Drbits (talk) 03:27, 19 February 2020 (UTC)
This is so dumb.
I'm trying to get into the Los Angeles Public Library website so I can check on a source for an article I posted. Here is what I got, a big message about "Proxies." https://en.wikipedia.org/search/?title=Bernard_Cohn_(politician)&action=submit I've noticed that somebody within the past few years has gone around and messed with ALL the LAPL library sources, and now I can't see the sources for all the articles I've created, and I've done a few hundred or more. I have GOT to be able to check the sources, and so does everybody else. What is the purpose of this? It seems to have been done with no notice to anybody. Sincerely, BeenAroundAWhile (talk) 01:29, 27 September 2019 (UTC)
Autoconfirmed editors should be allowed to edit through proxies.
Autoconfirmed editors should be allowed to edit through proxies. They've already shown that they're not vandals. Blocking them does nothing but prevent constructive edits. Benjamin (talk) 05:34, 29 September 2019 (UTC)
- I'm not sure if this is an answer to my rant above, but if it means I can get back to my Los Angeles Public Library sources (as could anybody else with a Los Angeles Public Library card), I'm in favor of it. BeenAroundAWhile (talk) 05:38, 29 September 2019 (UTC)
- I would agree @Benjaminikuta:. Blocking not only open-proxies but any and all VPNs even for autoconfirmed editors does seem like a great overkill and puts editors' privacy and security at risk. Sadly, it doesn't appear that anyone of influence is reading the posts on this page. Perhaps there's a better location to raise these concerns. β SimonEast (talk) 05:46, 12 January 2020 (UTC)
- Thanks for the reply. Perhaps we could start an RfC? But I'm not so familiar with the procedure. Benjamin (talk) 09:10, 12 January 2020 (UTC)
- The appropriate place to start would probably be WP:VP. Speaking as someone who deals with abusive sockpuppets and sometimes partially helps to implement this policy, I'd say two things: First, autoconfirmed is no barrier and we often have to deal with multiple autoconfirmed sock farms hopping around multiple proxies. Second, before thinking about a RfC, have a good read of WT:IPBE, which is closely intertwined with this policy. -- zzuuzz 14:26, 13 January 2020 (UTC)
- Thanks for the reply. Perhaps we could start an RfC? But I'm not so familiar with the procedure. Benjamin (talk) 09:10, 12 January 2020 (UTC)
How banned are VPNs?
"using a VPN to edit is not permitted."
This was news to me!
Now, I recognise that there are good reasons to block some anonymising services. However for a logged-in WP account, particularly one which is autoconfirmed, been here for years etc., why is their use of a VPN as an invisible transport mechanism from them to WP (for reasons which quite honestly are just none of our business) any sort of problem? Andy Dingley (talk) 16:55, 8 March 2020 (UTC)
- Yeah, this is definitely not the case, but an uncommonly held misbelief which really should be corrected. You won't find it written in policy. -- zzuuzz 17:41, 8 March 2020 (UTC)
- This was an admin refusing an unblock request (presumably some sort of IP ban collision). User talk:Deku-shrub#Unblock @331dot: Andy Dingley (talk) 19:26, 8 March 2020 (UTC)
- I have recently become aware that the requirements for IPBEs have been loosened from my initial understanding of them. I'm still working on this. 331dot (talk) 19:31, 8 March 2020 (UTC)
- This was an admin refusing an unblock request (presumably some sort of IP ban collision). User talk:Deku-shrub#Unblock @331dot: Andy Dingley (talk) 19:26, 8 March 2020 (UTC)
Can open proxies be used in a countries that blocked Misplaced Pages?
Is there's exception that open proxies can be used for any countries that blocked Misplaced Pages (e.g. China)? SpinnerLaserzthe2nd (talk) 18:01, 6 May 2022 (UTC)
- See Misplaced Pages:Advice to users using Tor to bypass the Great Firewall. AKK700 07:03, 20 September 2022 (UTC)
- Use TCPioneer to access the WP without changing the IP address. IntegerSequences (talk | contribs) 01:06, 22 December 2022 (UTC)
There is a discussion at Village Pump
There is a discussion of this policy at Misplaced Pages:Village pump (policy)#Allow registered editors to use vpn (open proxies). Your input is welcome! --Thinker78 (talk) 15:58, 11 January 2023 (UTC)
Should we add a page about Google One/Private Relay?
I know that Google One VPN is blocked. How about people using Private Relay from Apple- would that be considered an open proxy too? I think we might need to make a page about this as a lot of people might be using it and they may not be aware. 747pilot (talk) 19:57, 14 April 2023 (UTC)
Just weird
I know I'm about to bring out a lot of angry men shouting about sockpuppets, but it just seems bizarre to me that Misplaced Pages allows people to edit through random URLs without registration, but apparently can't find a way to allow registered editors with thousands of good edits to edit through a commercial VPN.Atrapalhado (talk) 13:38, 2 March 2024 (UTC)