Misplaced Pages talk:Open proxies: Difference between revisions

Browse history interactively ← Previous editContent deleted Content addedVisual WikitextInline

Revision as of 11:50, 22 June 2007 editMackan79 (talk \| contribs)Pending changes reviewers7,363 edits →Copying from Meta ← Previous edit		Latest revision as of 13:39, 2 March 2024 edit undoAtrapalhado (talk \| contribs)Extended confirmed users2,688 edits →Just weird Tag: 2017 wikitext editor
(470 intermediate revisions by 95 users not shown)
Line 1:		Line 1:
			{{talkheader\|WT:PROXY\|WT:NOP}}
	Discussion, wordsmithing, etc. goes here. --] 21:29, 20 January 2006 (UTC)
			{{tmbox
			\| type = notice
			\| text = <big>This is '''not''' the page to report suspected open proxies.</big> Please instead create a report at ].
			}}
			== A confused editor gives a technical perspective on the policy of hardblocking open proxies ==

			I've been reading, trying to figure out where the broad consensus that hardblocking, rather than softblocking, anonymous proxies is necessary comes from. I'm a computer scientist, and it deeply offends my sensibilities that Misplaced Pages, a ] application, makes decisions about me based on my choice of ] address. I can appreciate the cleverness of using IP addresses as credentials for anonymous users, and understand the need for IP blocks to fight anonymous vandals, but if a user has an account, they're just as easy to block no matter what IP they're logging in from.
	== No preemptive blocking ==

			The lone exception I've been able to find is in ]. This is an interesting and, once again, technically clever system, but it's clearly a hack; it relies on certain aspects of the Internet Protocol that are ''usually'' true but not guaranteed. The advent of mobile computing has forced me as a computer scientist to start dealing with situations where a user's session is not tied to a single IP at all, but could roam between multiple IPs, which is not a trivial issue to deal with (especially over UDP or other unreliable transport: barrels of ink have been spilled over handling this problem in VPN protocols). I typically carry a second IP in my pocket (my iPhone's LTE is as fast as my cable, albeit more expensive), and I can obtain a new one from my cable company at will by tweaking my router's MAC address. IPv6 has already been officially turned on, and it typically hands out thousands or millions of IP addresses to every customer; IPv6-only clients can connect to IPv4 servers using 6to4 or Teredo gateways, which mask their "real" IP just as effectively as anonymous proxies do; since they aren't actually HTTP proxies, though, don't expect the X-Forwarded-For header to solve all your problems!
	Seems like a pretty well-balanced article to me. But I oppose the policy. Open proxies should only be blocked if they are already eligible under existing blocking policy due to vandalism. No preemptive blocking. ] 22:43, 20 January 2006 (UTC)

			In short, blocking anything that breaks Autoblock is short-sighted and misguided. Misplaced Pages is one of the pioneers of the internet community, and it has a responsibility to encourage new and innovative uses of technology, not hinder them because they require more effort to control.
	* Currently, many Misplaced Pages admins (such as on the project mentioned in the article) ''do'' pre-emptively block proxies. Which is why it is important to clarify what the policy actually is. FWIW, I'm all in favor of blocking ''any'' open proxy; though in practice I agree with you that efforts should be focused on those proxies which are actually used for vandalism. --] 22:54, 20 January 2006 (UTC)
	**Oppose all you like; pre-emptive blocking of open proxies is a longstanding policy, both for reasons of vandalism and for the problems it poses to attributing edits, which is required for our license. ]]] 12:16, 21 January 2006 (UTC)
	***Oh. I had no idea. In that case I support with reservations. :-) ] 05:45, 22 January 2006 (UTC)
	*Why is it "required for our licence"? Since Misplaced Pages is collectively written, and that it accepts unlogged users, what are the differences for this matter betwen an unlogged user and a ] user? Why are anonymous programs forbidden on Misplaced Pages, and where has this policy been decided? Has it been voted? If yes, can a new vote be submitted, what is the "policy on policies"? ]
	**It is interesting that such questions do not get answers. ] 15:40, 4 September 2006 (UTC)

			It seems to me that the IPEXEMPT flag would strike a good balance between automatic sockpuppet prevention and ease-of-use, but current policy is that this flag is given only in "exceptional circumstances," requires trusting an editor with an "admin tool," and that it can be revoked preemptively. I don't understand how this flag could be treated as such a sensitive tool. A minimal level of human (admin) verification needed to assign this flag to an account, on par with the scrutiny for receiving rollback, would effectively prevent the creation of sockpuppet armies, and prevent the use of stolen accounts (which would probably not have applied for the IPEXEMPT flag). (If more assurance that an account would not be stolen in the future were needed, it would be simple to require a prospective IPEXEMPT editor to have a ].)
	== WP:BP ==
	It really isn't a good policy; it provides a false sense of security without really attacking the underlying problem. This is typical of hackerish works such as Misplaced Pages, which will continue to lack credibility in scholarly work or in industry. {{unsigned\|24.61.5.30}}

			I'm interested in the community's thoughts on this subject. It's my hope that I can provide a valuable technical viewpoint to the consensus-building process.
	This is a very well written piece, but on the other hand the message is already part of ]. Might I suggest you take this text and use it to improve that subheading? ] 02:14, 21 January 2006 (UTC)
	*It's already covered there. I've done a redirect. ]]] 12:16, 21 January 2006 (UTC)

			] (]) 07:24, 1 March 2013 (UTC)
	Thanks for pointing out the link to ]--initially, I proposed this because I couldn't find it anywhere. That said, I still think that having this policy as separate may be a good idea.

			: {{ping\|MrNerdHair}} It's been nearly 7 years and no one has responded to your concern. Sad. I completely concur. For the last couple of years my ISP has no longer given me a unique public IP address, I only have an internal 10.x.x.x address and I'm routed in a ]-like fashion through a public IP that is shared with many other customers (dozens, or possibly hundreds—who knows). Wikipedians are actively hunting down all the IP addresses of VPNs (even paid ones, see below) and blocking them too. ''Even while logged in with my email verified'' I have to disable my VPN in order to edit Misplaced Pages or even post on a talk page. I think that policy is putting editors' privacy at risk and it's discouraging me from contributing. — ] (]) 05:35, 12 January 2020 (UTC)
	Why?

			I agree with you, indeed no reason to tie to IP adress for any purpuses at all. The first priority should always be the wikipedia ID and only as latest measure should be the list of restrictions by IP, which means there is no way to authenticate the user. ] (]) 22:30, 15 March 2020 (UTC)
	* ] is listed on ], but under the "restricted features" subheading. While ordinary users (like me) can read it, many won't.
	* ] contains numerous clauses of the form "if user/IP '''X''' performs behavior '''Y''' and additional constraints '''Z''' are satisfied; then '''X''' may blocked for time ''t''"; where '''Y''' is some behavior contrary to Misplaced Pages's rules; and '''Z''' usually is appropriate due process or warnings afforded to the user. For most cases, '''Y''' corresponds to an official policy on Misplaced Pages; which is explicitly documented as such. For open proxies, there is no corresponding policy page which clearly sets forth the policy; nothing to directly reference from ]. In short, ] is a policy describing when admins may/should block users; but it's not as well suited for informing users of what they may and may not do. The equivalent in law would be giving judges sentencing guidelines allowing jail time for offenses which are not prohibited in the statutes. Maybe I'm wearing my "lawyer" hat too tight on this point.
	* At any rate, no open proxies is certainly ''de facto'' policy; transparency suggests that it be ''de jure'' policy as well. If you dig around, you can find snippets of info which document the policy (many of which are summarized in the article). Perhaps this is worrying about minutiae, I don't know.

			I don't see the rationale behind the ban for registered autoconfirmed users as well, and this hurts me too since I live under an oppressive censoring government (so i have to use a proxy for my day-to-day browsing to avoid blocks), but Misplaced Pages administration have dismissed my request to give me an exempt w/o providing any reasoning in their decision. Since no one seems to react to the contents of this talk page, is there a better place to discuss such policies? ] (]) 21:30, 30 March 2020 (UTC)
	And not to be rude, Radiant, but I think your move to a redirect was premature--very little discussion has been had on the proposal so far. I'm reverting for now, and adding a few more links--if consensus is to make this a redirect, I'll happily go along. If you revert back (to a redirect) again, I'll leave it alone--but I ask that you allow a bit more discussion to take place first.
			:{{re\|L29Ah\|SimonEast}} I'd recommend a previous response by me further down this page. The short answer to this concern is that autoconfirmed is not any type of barrier, because we often see that anyone can achieve multiple accounts with this status. You then end up with multiple accounts running across multiple proxies. I'd also give a tip for any future discussions: any proposal which involves converting all hard blocks to soft blocks is unlikely to work. Also, there is rarely such a monolith as 'Misplaced Pages administration', so I would also recommend sending your request to me by email, if you'd like it seriously considered. -- ] <sup>]</sup> 22:23, 30 March 2020 (UTC)

			== Eight years and no solution ==
	--] 18:32, 21 January 2006 (UTC)

			Can someone explain to me why nobody has found a way to let long-standing logged-in editors use proxies and VPNs. I've read through both pages of comments and nobody seems to want to fix this. Also MrNerdHair's valid comments above haven't been so much as answered. ] (]) 03:15, 21 July 2013 (UTC)
	Regardless of the decision here; I also recommend that certain other places on Misplaced Pages: ], ], ] ''explicitly'' state that 1) open proxies are disallowed; and 2) point to whatever location in Misplaced Pages (here or ] ''formally'' documents that matter. --] 18:43, 21 January 2006 (UTC)
			:VPN's usually aren't blocked unless they offer a free trial. This page seems to have few watchers... ] (]) 01:07, 4 April 2014 (UTC)
	*Well sure, if this page is to be more expansive there's no harm in keeping it separate. You can flag it policy, by the way, because of precedent and practice. ]]] 22:32, 21 January 2006 (UTC)
	**In other words, all the normal procedures (which certainly would apply to a ''new'' policy) can be bypassed in this case? --] 06:18, 22 January 2006 (UTC)
	***Well, this is not a new proposal, it is an attempt to codify something that we've done for a long time, and that is frankly already covered in existing policy pages. ]]] 11:10, 22 January 2006 (UTC)
	*** In that case, I'll go ahead and change this from <nowiki>{{proposed}}</nowiki> to <nowiki>{{policy}}</nowiki>. --] 18:27, 22 January 2006 (UTC)

	== ~~Foundation~~ ~~Issue~~ ~~Violation~~ ==		== Proactive proxy hunting ==
	This page violates the ] that ''anyone may edit''. Therefore it ''cannot ever'' be policy as far as I am aware.

			Is there any reason why we can't get subscriptions to paid open proxy servers in an effort to identify exactly which IPs are available so that we can block them? ] <sup>(]\|])</sup> 17:15, 26 May 2014 (UTC)
	] 19:25, 22 January 2006 (UTC)
			:I believe something like that is how {{user\|ProcseeBot}} operates, but it only catches one type of proxy that it can immediately and automatically verify.... web proxies, OTOH suffer from an inverse problem in that it's hard to establish with certainty that it is a proxy. ] (]) 21:08, 26 May 2014 (UTC)

			==This is now the official policy on open proxies==
	:It has been policy and will continue to be as long as Jimbo embraces it . ] 19:41, 22 January 2006 (UTC)
			I just rearranged some articles to say that this page is the official policy on open proxies. I trust this is not controversial. I did not actually change content here.

			I did this because ], a "consensus page" which is weaker than those tagged as ], says to go here for more information. This page previously said that for more information, one should go to ], which is a policy page just like this one. That page said to come here for details, but since all of the information on the topic is here, it should note that this is the main page. Misplaced Pages policy pages should be set up so that one page claims to be the main policy, and other pages refer to that page as the main policy. This is how I rearranged things. The "blocking" page is about blocking generally, and is not really about open proxies, and the IP address page is about something else too. This is the most relevant page, so I made the other pages refer to this one when talking about open proxies.
	::] doesn't violate the rule that "anyone" can edit--anyone (other than banned users) may do so; they just need to do so from a machine which isn't an open proxy. Given the security risk posed by open proxies; this is a reasonable restriction. In other words, it's a restriction on ''where'' people can edit from; not ''who'' can edit. Obviously, there will be some individuals out there who, due to their particular circumstances, can only edit through an open proxy--persons in mainland China being one large category. (Note that the Chinese government can and does block access to open proxies outside the ]--as use of such proxies can be used to circumvent bans on what Beijing considers seditions content).
	::One thing that might be a good idea (and may be done, though I'm unaware of it, and it isn't "policy" as of today), is to allow logged-in users (or a subset thereof, screened for sockpuppets, vandals, banned users, and such) to edit from open proxies. Logging in--assuming a secure password--answers the security questions around open proxies. But that would be a ''new'' policy (or a policy change), rather than documentation of what already stands. --] 19:51, 22 January 2006 (UTC)

			The changes that I made are to say that conversations about open proxies, for blocking or otherwise, should go here in this talk forum, and that this is the page where people read policy on open proxies and not elsewhere. ]] 01:18, 17 December 2014 (UTC)
	::: I've discussed this with some developers on IRC now. I understand it's a delicate balancing act. I am somewhat saddened that this is now policy. :-( ] 20:22, 22 January 2006 (UTC)
			:I am not sure what you are talking about, but I know that somebody has been going around "fixing" articles so that tens of thousands of people with ordinary ] cards can no longer get access to check on the sources for the scores of articles I have written about L.A. topics. If you think this improves the encyclopedia, you are definitely wrong. It stinks: Take it from one who has ] (]) 15:11, 13 January 2020 (UTC)

			== Why Wikimedia, Inc. should not care about IPv4 addresses ==
	:::: Again, it's ''been'' policy for quite some time. The creation of this page did '''not''' create a new policy; it just documented and set forth a policy that already existed. In other words, nothing has changed here. --] 20:50, 22 January 2006 (UTC)
	:::::It actually doesn't violate that foundation issue. Anyone can edit. It just means you can't edit over an open proxy. ] 21:14, 23 January 2006 (UTC)
	*Some people are more "anyone" than others. ]]] 15:24, 24 January 2006 (UTC)
	::Yep. Any simple statement like "...anyone can edit" is obviously going to have exceptions and can't be taken literally at face value. Funny that no one has ever objected to the fact that a starving African or a person in a coma can't edit Misplaced Pages. ] 18:28, 24 January 2006 (UTC)
	::: That's a little facetious. "Anyone can edit" plainly implies that anyone '''with access to the Web''' can edit Misplaced Pages - which isn't the case if open proxies are blocked, given that such proxies may be a person's only means of gaining Internet access. ] 15:21, 7 February 2007 (UTC)
	::"WP:NOP does not violate the rule that 'anyone' can edit - anyone... may do so; they just neede to do so from a machine which isn't an open proxy. Given the security risk posed by open proxies; this is a reasonable restriction." I understand that this policy has been enforced because of a "security risk". Can this "risk" be explained? Is there any vote concerning this (or other) policy? ] 18:18, 9 April 2006 (UTC)

			I would like to suggest that IPv4 addresses are no longer a good way to identify users. Most ISPs assign a new IPv4 address periodically (usually, every disconnection from the ISP introduces a new IPv4 address and many ISPs assign a new address at least once every 72 hours, the DHCP default). Because ISPs are no longer allocated sufficient IPv4 addresses to assign a separate address to each connected device, ISPs have begun to use port reassignment (the same as VPNs and Proxies). With port reassignment, users connect to the ISP via an intranet IPv4 address (which can appear to be an ordinary IPv4 address) and the ISP connects the user to the internet via a range of source ports on an internet IPv4 address. Thousands of user devices can use the same IPv4 address. IPv4 addresses are still useful for identification of the company that connects a user or device to the internet.
	== amount of open proxies? ==

			US law was changed earlier this year to allow ISPs to sell user information and trace logs, without notice to users. This includes source and destination IP addresses for every connection and (when available) the Latitude and Longitude from which the user is making the connection. This applies even to HTTPS connections. This has caused many of us to turn to VPNs for all internet use.
	Just curious - about how many open proxies are there out in the wild? And about how much of them have been blocked? --] 08:34, 27 February 2006 (UTC)

			For both security and privacy reasons, most US internet users and all mobile connection users (any type of radio connection) should be connected via an encrypted connection to the internet. Radio connections are easily hackable, so an ISP or intermediary that accepts encrypted routing (IP packet) headers is necessary. Encrypted connection to one's ISP or mobile telephone provider is rarely available.
	==Registered users==
	I can't see why even a registered user (say, registered months, or even years ago, and contributed hundreds of times already) are still being blocked, just because the IP was a shared one. '''I acknowledge that it is necessary to do that due to vandalism issue''', but '''''please re-re-re-consider the registered users.''''' A serious user should be unblocked regardless of which IP s/he uses. Thank you very much. --] 02:56, 9 March 2006 (UTC)
	: Registered users are regularly unblocked when they're affected by such a block. There's a feature request for the ability to block IPs without affecting registered users, but that's currently not possible. // ] (<sub>''''</sub> / <sup>'']''</sup>) 03:18, 9 March 2006 (UTC)

			Requiring HTTPS connections, login IDs, and passwords, and the use of email to confirm each login ID is much more reliable. HTTP connections allow easy packet insertion hacks. If you require an email confirmation for connections that are from a provider the user has not used before, that provides some additional identity assurance beyond the password, if the user's connection to the provider is encrypted. But a provider that accepts unencrypted communication from users (like most ISPs) is not reliable assistance in identifying users.
	:: Has there been any progress implementing this "feature request for the ability to block IPs without affecting registered users"? I am regularly blocked (while logged in) when using Tor. ] 23:31, 24 March 2007 (UTC)
			] (]) 01:04, 9 November 2017 (UTC)

			: Thanks for the detailed explanation {{ping\|Drbits}}. I completely agree. As I noted in my previous comment above, my ISP no longer provides me with my own IPv4 address, I have to share it with dozens, if not hundreds/thousands of other customers. And I cannot edit via a paid VPN because that is also considered a transport for abuse. ''sigh'' — ] (]) 05:50, 12 January 2020 (UTC)
	:: I think that if Misplaced Pages established a policy of "trusted" logins, it would help with this problem. I would naturally assume that anonymous edits from open proxies wouldn't be allowed, but what if users who registered jumped through some extra hoops to ensure that they were legitamate? If we created a system where the normal, unauthenticated person on an open proxy can't make edits, but those who create an account with some extra hoops to jump through would be allowed. They would be trusted users on the system, and their edits would be trackable, yet their actual location can be from anywhere. Such a system could be implemented here, so that if a certain user connected through, or contributed from, an exit node or open proxy, as long as they authenticated, there would be something to track if something went wrong, while still protecting that person's right to privacy. :: ] 21:09, 22 August 2006 (UTC)

			=== Why requiring VPN disconnection is a problem ===
	== Open or anonymous ==
	The policy states that ''open or anonymous proxies are currently not allowed to edit''. That "''or''" seems a bit confusing. Are there proxies that are anonymous but not open? If these ‘restricted anonymous proxies’ ''do'' exist, is it allowed to use them for editing? How can someone identify such a proxy? ] 10:51, 5 April 2006 (UTC)

			For security reasons, disconnecting from a VPN often also disables internet connection from most programs. This is not just inconvenient, but it also temporarily blocks antivirus updates, file synchronization, and other security measures.
	: An ''open'' proxy in one which is vulnerable to exploitation, usually by accident. An anonymising proxy is one which hides the identity of the user, but it may be a closed service; anonymising proxies aren't necessarily open. These are more difficult to find, since they aren't flagged by any scans, but they are often advertised or can be detected indirectly. // ]</small>] ] (<sup>'']''</sup>/<sub>]</sub>) 17:30, 4 September 2006 (UTC)

			More sophisticated computer users can greatly improve system security by only leaving the VPN port open in the firewall.
	== stupid question: is a school IP considered an open proxy? ==
			] (]) 01:19, 9 November 2017 (UTC)

			:It looks to me as though all these legitimate complaints about VPN blocking are being systematically ignored. There is no valid reason that confirmed registered users, when logged in, should be blocked from editing, just because of their IP address. I'm starting to believe that some administrators are compulsively and closed-mindedly pressing forward with this policy, "Don't confuse us with the facts". The only plausible explanations I can come up with for this prolonged behavior are... — well, understandably ''human'', but... — still not all that flattering. Respectfully, you guys need to review what you're doing, here.--] (]) 09:30, 22 November 2018 (UTC)
	Can someone explain to me why the following IP's were indefinitely blocked as open proxies:
			::I understand the concern about traceability, but requiring logins eliminates that. The only other thing I can think of is the concern over DDOS attacks - but those would apply to access to all of the organization's assets. ] (]) 03:27, 19 February 2020 (UTC)
	* {{vandal\|62.171.194.4}}
			:::@], ] it has gotten very ugly. Two Misplaced Pages editors were arrested in Saudi Arabia and who knows if it may have had something to do with the inability to use vpn. There is a discussion in ]. <span style="border-radius:8em;padding:0 7px;background:orange">]</span> ] 01:31, 9 January 2023 (UTC)
	* {{vandal\|62.171.194.12}}
	* {{vandal\|62.171.194.44}}
	While similar IPs from the same range, also repositories for petty vandalism, were labelled school IPs and given mostly short-term blocks:
	* {{vandal\|62.171.194.5}}
	* {{vandal\|62.171.194.6}}
	* {{vandal\|62.171.194.7}}
	* {{vandal\|62.171.194.8}}
	* {{vandal\|62.171.194.9}}
	* {{vandal\|62.171.194.10}}
	* {{vandal\|62.171.194.11}}
	* {{vandal\|62.171.194.13}}
	* {{vandal\|62.171.194.36}}
	* {{vandal\|62.171.194.37}}
	* {{vandal\|62.171.194.38}}
	* {{vandal\|62.171.194.39}}
	* {{vandal\|62.171.194.40}}
	* {{vandal\|62.171.194.41}}
	* {{vandal\|62.171.194.42}}
	* {{vandal\|62.171.194.43}}
	* {{vandal\|62.171.194.45}}
	I'm currently trying to draft a template to put on all these IPs, and I need to know if I can use the No Open Proxies policy as justification for an indefinite block of the whole range. If these are not Open Proxies, then '''none''' of them should be blocked under this policy. If you have a better suggestion for how to stop vandalism from these IPs, please contribute to the discussion at: ]--] 06:59, 15 May 2006 (UTC)

			== This is so dumb. ==
	: These are suspected ]s because they were used by a malicious zombie proxy bot. A few are blocked due to vandalism, but the others should not be since there's only circumstantial evidence that they're vulnerable. // ]</small>] ] (<sup>'']''</sup>/<sub>]</sub>) 17:41, 4 September 2006 (UTC)

			I'm trying to get into the ] website so I can check on a source for an article I posted. Here is what I got, a big message about "Proxies." https://en.wikipedia.org/search/?title=Bernard_Cohn_(politician)&action=submit I've noticed that somebody within the past few years has gone around and messed with ALL the LAPL library sources, and now I can't see the sources for all the articles I've created, and I've done a few hundred or more. I have GOT to be able to check the sources, and so does everybody else. What is the purpose of this? It seems to have been done with no notice to anybody. Sincerely, ] (]) 01:29, 27 September 2019 (UTC)
	==Hypocritical Policy==

			== Autoconfirmed editors should be allowed to edit through proxies. ==
	This policy of ] seems to be one of the most contradictory policies which exists on this project, and as such this policy should be revoked. My reasoning is set out below:

			Autoconfirmed editors should be allowed to edit through proxies. They've already shown that they're not vandals. Blocking them does nothing but prevent constructive edits. ] (]) 05:34, 29 September 2019 (UTC)
	<ul>
	<li>It contradicts the foundation issue of the "ability of anyone to edit
	articles without registering"</li>
	<li>It clearly hinders some contributors particularly those from the People's
	Republic of China and probably prevents some from contributing at all</li>
	<li>It contradicts the policy of "]"</li>
	<li>It adopts the policy of " ]"</li>
	<li>It gives the ] the power to block a wide range of IP
	addresses when there is no proof of ] as set out in the ]. This also makes a nonsense of the principle that all users should act as administrators (]).</li>
	</ul>
	I look forward to your comments ] 21:15, 6 August 2006 (UTC)

			:I'm not sure if this is an answer to my rant above, but if it means I can get back to my Los Angeles Public Library sources (as could anybody else with a Los Angeles Public Library card), I'm in favor of it. ] (]) 05:38, 29 September 2019 (UTC)
	: This page is Foundation policy, ''not'' a local policy, so it override any local policy such as ]. It does not prevent anyone from editing Misplaced Pages; users in censoring countries are free to use private, closed proxies or other bypassing or tunneling methods. It makes no good-faith or bad-faith assumption, but merely prohibits a particular method. Imagine a real-world policy that prohibits the use of ]s for civilian transportation. This does not in any way impact anyone's right to travel, since they're free any of a large number of other vehicles. // ]</small>] ] (<sup>'']''</sup>/<sub>]</sub>) 17:27, 4 September 2006 (UTC)

			:I would agree {{ping\|Benjaminikuta}}. Blocking not only open-proxies but any and all VPNs ''even for autoconfirmed editors'' does seem like a great overkill and puts editors' privacy and security at risk. Sadly, it doesn't appear that anyone of influence is reading the posts on this page. Perhaps there's a better location to raise these concerns. — ] (]) 05:46, 12 January 2020 (UTC)
	:: Imagine a fictional world policy where it's forbidden not to smile into every CCTV and where you might or might not get a job as a teacher, be allowed to travel into other countries or even spend the rest of your life in prison depending on your political opinion. This does not in any way impact anyone's right to say his opinion, since they're free to say what they want.--] 01:32, 8 January 2007 (UTC)

			:: Thanks for the reply. Perhaps we could start an RfC? But I'm not so familiar with the procedure. ] (]) 09:10, 12 January 2020 (UTC)
	==Blocking Logged in Users==
			:::The appropriate place to start would probably be ]. Speaking as someone who deals with abusive sockpuppets and sometimes partially helps to implement this policy, I'd say two things: First, autoconfirmed is no barrier and we often have to deal with multiple autoconfirmed sock farms hopping around multiple proxies. Second, before thinking about a RfC, have a good read of ], which is closely intertwined with this policy. -- ] <sup>]</sup> 14:26, 13 January 2020 (UTC)

			== How banned are VPNs? ==
	Why are users who have editing histories and are not new also being blocked from using proxies? It seems to me that if someone wishes to use ] or such and they are willing to log in they should be allowed to. This helps contribute to ]. Why must wikipedia have my real IP on file? ] 15:39, 4 September 2006 (UTC)

			"using a VPN to edit is not permitted."
	: Each registered user's IP address is stored temporarily so that administrators can deal with abuse. A registered user's IP address can only be determined by a very small number of carefully selected users, and is automatically purged from the database after a set interval of under a few weeks. Allowing users to create accounts from open proxies goes against the spirit of the prohibition against open proxies, since it undermines that safeguard against abuse.

			This was news to me!
	: Recent changes to the software allow administrators to block an open proxy and disallow new account creation, while leaving existing accounts unblocked; whether to do so or not is a matter of individual opinion. If you wish to safeguard your IP address, you are free to use a personal, closed proxy. // ]</small>] ] (<sup>'']''</sup>/<sub>]</sub>) 17:03, 4 September 2006 (UTC)

			Now, I recognise that there are good reasons to block some anonymising services. However ''for a logged-in WP account'', particularly one which is autoconfirmed, been here for years etc., why is their use of a VPN as an ''invisible'' transport mechanism from them to WP (for reasons which quite honestly are just none of our business) any sort of problem? ] (]) 16:55, 8 March 2020 (UTC)
	:: What I fail to understand is if I am a user with a history, why am I not allowed to use a proxy? I have already signed up without using a proxy. So wha tis the big deal with it? A legitimate reason to use a proxy that encrypts such as TOR is to prevent eavesdropping by an ISP or intermediary. It is not necessarily to hide from Misplaced Pages staff. You see the connection between the local computer and the remote proxy is encrypted. Another reason might be to help prevent against broad survalience whereby an entity does something such as "poll up a list of all people who accessed page X within the last year". I hold that user who has a helpful established history with wikipedia should not be prevented from using a proxy. If you do have problems with them, then you can suspend their account and they would no longer be able to use the proxy to edit. Using an open proxy should not be seen as abuse. Nor should it be construed to undermine safeguards when in reality it does no such thing. ] 21:06, 7 December 2006 (UTC)
			:Yeah, this is definitely not the case, but an uncommonly held misbelief which really should be corrected. You won't find it written in policy. -- ] <sup>]</sup> 17:41, 8 March 2020 (UTC)
	:::The problem is establishing whether a user has a legitimate history. It may be fine to allow you or any number of legitimate users in, but allowing registered users means that ''anyone'' who has merely registered an account is able to edit through these. This poses a problem with aged socks, etc., and it would only take one intelligent vandal to require that the open proxies be fully blocked to prevent it. —]→] • 22:36, 29 December 2006 (UTC)
			:: This was an admin refusing an unblock request (presumably some sort of IP ban collision). ] {{ping\|331dot}} ] (]) 19:26, 8 March 2020 (UTC)
			::: I have recently become aware that the requirements for IPBEs have been loosened from my initial understanding of them. I'm still working on this. ] (]) 19:31, 8 March 2020 (UTC)

			== Can open proxies be used in a countries that blocked Misplaced Pages? ==
	== Policy issue that needs to be addressed. ==

			Is there's exception that open proxies can be used for any countries that blocked Misplaced Pages (e.g. China)? ] (]) 18:01, 6 May 2022 (UTC)
	Please see . Should such servers be blocked? ] 02:49, 8 September 2006 (UTC)

			:See ]. ]] 07:03, 20 September 2022 (UTC)
	The discussion mentioned is now ]. No, such servers should not be blocked, and yes, the issue needs to be addressed. Urgently. ] 16:34, 5 November 2006 (UTC)
			:Use to access the WP without changing the IP address. ] (] \| ]) 01:06, 22 December 2022 (UTC)

			==There is a discussion at Village Pump==
	== Tor ==
			There is a discussion of this policy at ]. Your input is welcome! --<span style="border-radius:8em;padding:0 7px;background:orange">]</span> ] 15:58, 11 January 2023 (UTC)

			== Should we add a page about Google One/Private Relay? ==
	Same banned users and others that have "left" the project, are now using ] (http://tor.eff.org/) . What can be done? ] <small>] • ]</small> 04:09, 14 September 2006 (UTC)

			I know that Google One VPN is blocked. How about people using Private Relay from Apple- would that be considered an open proxy too? I think we might need to make a page about this as a lot of people might be using it and they may not be aware. ] (]) 19:57, 14 April 2023 (UTC)
	== Legitimate uses for open proxies ==

			==Just weird==
	There are many legitimate uses for open proxies. One notable example is China and its Great Firewall. With over a fifth of the world's population unable to edit Misplaced Pages via normal methods, this policy discriminates against a large percentage of the world's population. does not offer as good privacy protection as, say, TOR for example. This is a problem, for users in China and elsewhere, who are worried about being persecuted for their edits. According to ], "Blocks may be imposed where threats have been made or actions performed (including actions outside the Misplaced Pages site) that expose Misplaced Pages editors to political, religious, or other persecution by government, their employer, or anyone else." This policy is exposing Misplaced Pages editors to such prosecution. (And no, I'm not suggesting blocking anyone for following this policy, I'm suggesting changing the policy.) Not only users in China, but users in all governments that have restrictive laws (inclusive) or enforcement, as well as non-governments that monitor internet usage, for whatever reason. Yes, vandals and blocked users may use proxies too, but is the perfect state of Wikpedia's articles more important that people's lives and well-being?
			I know I'm about to bring out a lot of angry men shouting about sockpuppets, but it just seems bizarre to me that Misplaced Pages allows people to edit through random URLs without registration, but apparently can't find a way to allow registered editors with thousands of good edits to edit through a commercial VPN.] (]) 13:38, 2 March 2024 (UTC)

	If you think that editors who have such concerns simply shouldn't edit, isn't that against the spirit of the Foundation policy that anyone may edit? And doesn't it encourage ] by discouraging editors from China and other places with restrictive goverments from editing, and discouraging the editing of controversial topics?

	To make it absolutely clear, I '''strongly oppose''' this policy. I would support soft-blocking proxies such that anon IPs could not edit, but registered users could.

	— ] (]\|]) 01:07, 21 October 2006 (UTC)

	== Why indefinite blocking? ==

	I have asked the same question at ]. What is the reason for indefinitely blocking? These IPs are going to change at some point, and someone is going to have to take the time to unblock them all. Why not block for 1 year or 3 years? —]→] • 02:23, 21 October 2006 (UTC)
	:The wording and the default block length for the proxy template have since been changed. —]→] • 01:03, 25 May 2007 (UTC)

	== Are you trying to ban Thailand? ==

	I '''strongly oppose''' the use of this policy to block positive contributions from established, registered users. Two of the biggest ISPs in Thailand, True internet and CS Loxinfo, have been blocked under this policy. I have to wonder what "open proxy" is supposed to suggest in this context.... these are paid services; I very much doubt that trying to use IPs such as 203.144.144.164 (True) and 203.146.247.78 (CS Loxinfo) through a proxy client would get anyone very far....

	CS Loxinfo is Thailand's Biggest Internet Service Provider. It is operated by ], which holds a monopoly on satellite operation in the Kingdom of Thailand. I can't imagine that blocking such services is what this policy was intended to achieve.

	The indiscriminate application of this policy has now made it extremely difficult for me to edit Misplaced Pages, and I presume that other Thailand based users must be having similar problems. I will persevere, for now, with other ISPs, in the full expectation that these, too, will eventually be blocked as "open proxies". Of course, if every ISP I can possibly use is going to be systematically blocked, I will eventually be obliged to take an extended wikibreak.... along with thousands of other users in the Kingdom... until the application of this policy is reconsidered. ] 06:19, 5 November 2006 (UTC)

	== Solution of the problem: more action - more reaction ==

	There is no need to block any open proxies. Instead of this You can maintain automagically (not, as now, manually) generated list of ip addresses that are most frequently used to vandalize Misplaced Pages. Let Wikipedians that are somehow more trusted (for example having at least x edits) report vandalisms from ips in a format that can be easily understood by Misplaced Pages computers. Those computers would count cases of vandalism and in situations when number of edits from some address that are vandalisms would in some period of time be greater than some value (let it be 1/month) they would put this address on a list of restricted (not blocked) addresses.

	Not logged users making edit to some Misplaced Pages article from those restricted addresses would everytime have to first pass defenses set by Misplaced Pages (for example they would have to write in a form a long sequence of random letters that they would see on an image). If, despite of those measures, number of vandalisms in edits from some address would increase, defenses would be automagically toughen (the number of random letters to write in would be increased), and, inversely, when number of vandalisms in edits from some adress would decrease, defenses would be relaxed and the number of letters to write would be decreased (to 0, when number of vandalisms would drop below 1/month).

	Simply speaking: it would give to users of all open proxies ability to edit Misplaced Pages, and Misplaced Pages ability to keep number of vandalisms made using open proxies on low level, with much less manual work.

	Lukasz 2 February 2007

	== Users from China are banned by this policy ==

	This policy effectively bans users from China. I've previously used Tor to circumvent the block, but it stopped to work after I updated Firefox to version 2.0. I think it's because the Switchproxy plug-in for Firefox doesn't work. Even Tor was not a good solution, because for most users it's too difficult to install. Anyway, I've not been able to access articles since then without using an open proxy. The alternative access to Misplaced Pages explained somewhere else ( ) also doesn't work any more. I strongly oppose the ban, and I'm forced to breach it to even make this statement. —] 03:33, 9 February 2007 (UTC)

	:There is no way to not have this ban. If open proxies were allowed, they would be repeatedly and endlessly used by vandals—and therefore blocked just as they are now. The only difference is that with this policy they are blocked before the vandalism. —]→] • 03:32, 16 February 2007 (UTC)

	::Correction: They are blocked whether there is vandalism or not. I also strongly oppose this policy. The number of good faith editors that are hit hard by it is too large to call it accidental any more. - ] 12:26, 19 February 2007 (UTC)

	::: "There is no way not to have this ban"? There is no way not to exclude one fifth of the world population from Misplaced Pages? There is no way not to exclude a community of Internet users larger than in the United States? (On the number of Internet users in China, see Natalie Pace, , ] 2006; , ] 2005)
	::: There must be a way! Pre-emptively blocking such a large number of users is totally out of proportion. This policy exacerbates the ] of Misplaced Pages. —] 03:44, 25 February 2007 (UTC)

	I agree with Babelfisch and Andre Engels that this is a huge problem. You are probably blocking more good faith editors than vandals with this policy. Note that these good faith editors even might have helped you vandal-hunting.--] 12:08, 25 February 2007 (UTC)
	:Because it only takes one vandal to make use of thousands of proxies to cause havoc, it makes no difference how many persons are affected by the block. Welcome to the technology age: one person has through technology more power than 100 million Chinamen manually reverting vandalism. —]→] • 19:02, 25 February 2007 (UTC)

	:: ], your racist slur is not appreciated. —] 05:41, 22 March 2007 (UTC)
	:::Huh? —]→] • 03:27, 31 March 2007 (UTC)
	::::I've modified the word, since he indicates he didn't know it was offensive. ]·] 06:30, 31 March 2007 (UTC)

	::::: How can you "modify" another user's contribution in the middle of a discussion? If he "doesn't know" that "Chinamen" is an offensive term, why "help" him by replacing "Chinamen" by "Chinese people"? This is ridiculous. —] 07:47, 2 April 2007 (UTC)

	As there seems to be no willingness to solve this problem on this discussion page, I've also started a discussion here: ] —] 07:29, 3 April 2007 (UTC)

	== Suggestion of proxy open parts of wikipedia ==

	Could we create a second proxy open talk page or open the talk pages for proxies? This would allow many more user's to contribute (sourced information can be presented on the talk page and than inserted by users who can edit the article). Talk page's didn't seem to be sexy enough for most vandals, so I presume the chances of an increased misuse are comparably low. ] 18:58, 25 February 2007 (UTC)
	:That becomes useless once it is used by vandalbots. —]→] • 18:59, 25 February 2007 (UTC)
	::And you can't use vandalbots on wikipedia without proxies? Besides if we use a seperate page it is quite simple to require a registration for edits. ] 11:38, 26 February 2007 (UTC)
	:::If you use vandalbots without proxies, the IP address or even range which it uses is blocked. If you use them with open proxies, there are thousands upon thousands of IP addresses of all designation which can be used endlessly, unless open proxies are blocked. —]→] • 17:22, 3 March 2007 (UTC)

	:I can see some potential value, although I'm not sure how much demand there would be. There are already many, many articles with no talk page activity so I'm not sure that adding a second talk page would gain much, particulalry since it would need the good graces of another user to transfer material across.
	:I'm not sure how it could be achieved, but I'm sure it could be worked into the mediawiki software.
	:] 20:37, 2 March 2007 (UTC)

	== "banned" ==

	In other contexts, "banned" means that all such edits may be reverted on sight, regardless of 3RR. Can it be clarified that this does or does not mean that here? It's being argued elsewhere that it does (and, that, incidentally, if someone you edit war with later turns out to be an open proxy, your 3RR block can be overturned, even if you weren't "reverting open proxy edits" at the time): ] --] 12:04, 14 May 2007 (UTC)
	I've made an edit suggesting an alternate wording. "Banned" is a term that has a specific meaning here and should not be used. --] 12:07, 14 May 2007 (UTC)

	:In the other usage, the ''person'' is banned. Here, the ''service'' or the ''IP address when an open proxy'' is banned. —]→] • 19:18, 18 May 2007 (UTC)
	::Is it or is it not "banned" in the sense of allowing unlimited reverts to any edit made via an open proxy (no matter how productive the edit might otherwise be)? I'm not being hypothetical; this wording _has_ been used to make that claim. --] 23:57, 15 June 2007 (UTC)

	== Stupid Policy ==

	What next? Should we block all muslim users because they ''may'' vandalise certain pages? Should we block American IP addresses because they ''may'' vandalise and misspell words? Or how about blocking all Nigerian addresses as they could be used in scams and user page spam? This policy is stupid. The vast majority of vandalism I've detected on Wikibooks and Misplaced Pages comes from closed IP addresses and usernames. How much time is being wasted on this policy? As an administrator on Wikibooks I refuse to take any part in this joke policy. ] 11:58, 3 June 2007 (UTC)

	:This policy affects no one who is not otherwise able to access the Internet. If you block these ethnic IP address that you have peculiarly chosen, you have blocked the person's primary and only IP address; if you block an open proxy, the person is free to use their primary Internet access. On the other hand, if you do not uniformly block these ethnic IP addresses, and a person using one vandalizes, the vandalism can be effectively stopped by blocking the ethnic IP address; but if you do not uniformly block open proxies, and a person using one vandalizes, they are perfectly capable of moving on to another open proxy, and another and another if you block them, leaving you to play Whac-A-Mole until all the open proxies are blocked anyway, thus resulting in the same result you tried to avoid by not blocking open proxies, but with a battle-field of vandalism in your wake. How much time would be wasted on reverting untraceable, unpreventable vandal bots if open proxies were not blocked? You consider it a joke because you do not understand it and have chosen a very poor analogy to try to make sense of it. —]→] • 21:38, 3 June 2007 (UTC)

	::Blocking all ] seems reasonable to me : ) But here is my side of the issue we have this person A who goes to the library to find info about Eric lafleur and all he finds is a page that has been blanked and has a huge sign IS A COCK SUCKER now this person A has been through this before all he needs to do is to go to the history and reverse it, But then we have the person B who goes on the school computer goes to wikipedia and starts to vandalise wikipedia as fast as he can and replaces Eric laFleur with IS A COCK SUCKER now here we have a paradox(I think this is one please make the wiktionary explanation more understandable) If the person a in the library is blocked he cant reverse person B! But if you admins or who ever decides it decide to actually do activate this policy please dont make the same stupid mistake as they did on the finnish wikipedia that they blocked the talk ability also. Also dont bann libraries or net café's c'uzz I dont think anyone would go through the trouble of paying or reserving a computer just to go to wikip. and vandalise! O_z do you? ] 00:09, 10 June 2007 (UTC)

	:::Oh and BTW theres more trouble in vandalising than blocking and reversing! O_0 ] 00:13, 10 June 2007 (UTC)

	== A general statement ==

	I do not intend this to be a decree or anything overriding policy. This is merely a statement.

	I think this policy is currently overbroad, in that it does not appear to take proper recognition of the incredible good we can do by working within reason to allow and encourage people who have special circumstances to be able to edit using anonymizing tools such as Tor. As I am told, we have recently switched from soft blocking Tor exit nodes (something I approve of, due to the incredible firehose of vandalism they can be otherwise) to hard blocking Tor exit nodes (something I do not approve of, since this totally forbids Tor users from editing Misplaced Pages at all, rather than merely imposing a 4 day waiting period on them).

	I would like this policy to be (thoughtfully, slowly, and with due consideration for all valid viewpoints) revised a bit to include a stronger acknowledgment that editing via open proxies can be a valid thing to do.--] 03:38, 4 June 2007 (UTC)
	:There is nothing that says editing from an open proxy is 'bad'. The ban is a technical matter, not like a ban of an individual user, though practically the only people who are ever noticed to be using open proxies are sockpuppets of banned users—others that happen to find and use open proxies do so without harassment. —]→] • 07:23, 4 June 2007 (UTC)

	I do not know if I have changed my mind from . But I don't think so. I still support generally blocking anonymous proxies, but I support using soft blocks rather than hard blocks.--] 03:41, 4 June 2007 (UTC)

	:I'm going to have to agree with this. I think our blanket "cannot use open proxies" policy is inherently a bad thing, at least in regards to Tor. While I will admit a good many vandals do use Tor, we also have a good many users (including all of China) who are unable to edit just because we said "sorry, we choose to not let you contribute." I think we're better off letting Tor be open and deal with vandalism/sockpuppetry as it comes along, rather than making an at-large ban and shutting out potentially constructive members of our community. <span style="color:red;font-weight:bold">^</span>]<sup></span>]]</sup> <em style="font-size:10px;">03:57, 4 June 2007 (UTC)</em>

	::This is something I will have to agree with also. Soft blocking allows us to attribute edits ot a single username (hopefully), and the editor can be accountable for that, while allow us to effectively keep the shared stuff out. I think this is a good meeting in the middle. Some folk do have valid reason to be using a proxy, lets allow this type of editing, with a registered account. ] 04:07, 4 June 2007 (UTC)

	:::Does anyone have examples of when it would be a good thing to edit from open proxies, other than the examples that are always mentioned (living in China, certain other countries)? ] <sup><font color="Purple">]</font></sup> 04:54, 4 June 2007 (UTC)
	::::Slim, sure, see ], a member of ] who is blocked due to his hosting of a tor exit node. —— ''']'''</font><sup>]</sup> 08:41, 4 June 2007 (UTC)
	:::::Presumably he can stop hosting the tor exit node, but it would not be a problem to soft-block only this one particular IP address, unless of course a vandal discovers the "tor node that can never be banned". —]→] • 18:38, 4 June 2007 (UTC)
	::::Contributing facts that could be seen as disturbing to employers, police, politicians, family, or friends in regions where Misplaced Pages is blocked is almost certainly more risky than doing the same in regions where it isn't. ] 19:40, 4 June 2007 (UTC)

	:::That "hopefully" is not insignificant. It is trivial for someone to create a bunch of sockpuppets on a non-blocked IP and then bounce around on open proxies that are unaffected by autoblocks—in fact, they can set a bot to do it while they go to the beach. Soft-blocking does not force edits to be attributed to a single username. The people who use open proxies maliciously or to circumvent a block are the same people who will create a bunch of sockpuppets. They do the same thing without open proxies, but when checkusered they are easily identifiable as the original banned user and they are held up by autoblocks such that, even if they happen to have a dynamic IP address that is re-assigned on-demand it requires disconnecting from and reconnecting to the ISP, and which IP addresses are nevertheless usually contiguously range-blockable rather than scattered across the whole IP address space, and the person is ultimately if necessary correctable through the ISP. —]→] • 07:23, 4 June 2007 (UTC)

	I could support the reverse of a soft block for Tor proxies, that is: disallow editing from logged-in users through open proxies. Tor proxies are already anonymized: there's no need to anonymize them further by allowing multiple-ID sockpuppetry through them. At least a user under a Tor IP makes it clear that he or she is using a proxy. Here's another idea in the same direction: edits that come from Tor notes should be clearly marked to non-checkusers as potentially suspect; that would allow people to use Tor to circumvent local government censorship, but still give us a chance to prevent large scale abuse. ] (]) 08:50, 4 June 2007 (UTC)
	::Nothing in the software would allow these things at present, however, it might be reasonable to require that people editing through Tor make this known by a user category. That would make it pretty easy for non-checkusers to watch them. It might tread a little too close to ], then again, maybe not. ··]] 23:38, 4 June 2007 (UTC)
	:::A voluntary solution basically means we ask people nicely to declare all their sockpuppets. That is known not to work with abusive sockpuppeteers. AGF is not a suicide pact. If we do want to allow editing through open proxies, we need a technical way to flag them and think about the consequences this will have on policies such as the 3RR that become almost unenforceable. ] (]) 05:39, 5 June 2007 (UTC)
	::::I wasn't necessarily suggesting a voluntary solution. If it is important to keep track of who's using open proxies (and I'm not commenting on that importance one way or another), then we can have a clause that says "If you are using an open proxy, you must put your user page in this category or you will be blocked." We already do not have a technical means for dealing with open proxies automatically, and there are a great many of them that are unblocked. Anyone suspected of sockpuppeting can be put under CheckUser, as is the current system; if they are found to be using open proxies undeclared, that would be a violation. I'm not endorsing this, I'm offering it; if the community wants it I wouldn't oppose it. ··]] 06:16, 5 June 2007 (UTC)

	*Jimbo, if you can provide some data showing that anything other than a minuscule percentage of Tor use is something other than vandalism, you'll have a chance of changing the minds of the checkuser operators who deal with this issue on a daily basis. Anonymity is bad enough; but there's a difference between freedom and license, and open proxies are license to abuse. --]<sup><small>]</small></sup> 13:54, 4 June 2007 (UTC)
	:"Anonymity is bad enough"?!? I am still astonished, after all the statistics comparing the contributions of anonymous contributors to their vandalism, that this attitude still exists. If that is how you really feel, why don't you work on Sanger's project instead? ] 19:36, 4 June 2007 (UTC)
	::Where can I find these statistics? The conventional wisdom as far as I can tell is that 90% of IP edits are vandalism. —]→] • 04:21, 5 June 2007 (UTC)
	:::People get this bit of "conventionally wisdom" ] wrong because, even though ] somewhere around ] and It has not escaped my attention that the most recent statistical studies have set out to measure the former while ignoring the latter statistic. I find that very disappointing. ] 09:28, 5 June 2007 (UTC)

	== Whitelisting users ==

	Now, I know that there is currently no technical means of 'whitelisting' users on en for using open proxies short of making them administrators (which is hardly a solution.) However, ignoring technical constraints, can anyone think of a reason why, at a bare minimum, individual users should not be able to make an appeal to an administrator to be exempt from NOP? The only case when I can see such a situation being advantageous to a user with a single registered, exempted account is when they're subject to a checkuser; and, in that case, the use of an open proxy would be enough to confirm any suspicions that lead to a checkuser in any case... a user who requests permission to use an open proxy for the purpose of sockpuppetry and vandalism would be shooting themselves in the foot by attracting extra attention. --] 03:09, 5 June 2007 (UTC)
	*I'd be curious to hear any arguments against such a tech fix. --]<sup><small>]</small></sup> 03:37, 5 June 2007 (UTC)

	*We treat fixed IPs differently in some circumstances, but open proxies are the polar opposite. If we whitelisted open proxies I'd suggest that we make it time-limited, with a presumption of short periods. So if a known user needs to use an IP that's been identified as an open proxy then they could get it for a day. I don't think we should leave the IPs whitelisted for long unless of course they're no longer open proxies. ]] ] 07:16, 5 June 2007 (UTC)
	*:Oh, I don't think this is what is meant by the proposal. As I understand Aquillon's proposal, there would not be a whitelisting of IPs, but a whitelisting of certain users to use open proxies. Other users from the same IP would not get the same consideration. In the case of Tor, for instance, a user cannot predict or choose what their IP will be, and the IP will automatically and randomly change on intervals between ~2 and ~30 minutes. I understand it would be technically possible to hack the Tor client and force it to use a particular exit node, but programming is far beyond the expertise of almost every user, and I am pretty sure that the default Tor client does not offer such a function, not even optionally. ··]] 10:25, 5 June 2007 (UTC)
	*Allowing a whitelist for certain types of blocks sounds like a possible idea. Still, it remains unclear how we can protect the privacy of people who want to be on the whitelist and prevent abuse at the same time. It is not so difficult for people with existing accounts that want to start editing through an open proxy. But how should editors from China apply to become whitelisted, and how do we ensure we don't whitelist a dozen accounts for the same new user? ] (]) 10:59, 5 June 2007 (UTC)

	== How do you distinguish between ] and proxy? ==

	I note above that nearly the entire country of Thailand was blocked from editing after just two blocks of ISPs. I submit that this policy, as it exists today, is firstly flawed in fundamental ways without hope of repair as can be seen from the definition of the words used in the policy, and secondly, not in accordance with any of the edicts of Jimbo Wales unless those edicts are themselves self-contradictory. Folks, we are running out of IPv4 space, and IPv6 hasn't been catching on. Given the nature of WHOIS and similar information, and popular, widespread, and increasing use of network address translation (NAT), '''this policy has and will continue to result in the banning of public WiFi and OPAC terminals, entire mobile telephone companies, entire ISPs, and huge regions. The accuracy of this method is likely to decrease.'''

	We must ask: Is this policy worth preventing editing from public terminals, such as may be found in libraries? --'']'' → ] 15:31, 6 June 2007 (UTC)

	:NATs do not show up as open proxies on port scans or on proxy and spam blacklists. Thailand IPs, public WiFi, and libraries are blocked, if and when they are indeed blocked, because of repeated vandalism, not as open proxies. —]→] • 17:42, 6 June 2007 (UTC)

	::I know for a fact that public WiFi networks have been blocked as open proxies. Where is the procedure for deciding whether an address is an open proxy? ] 01:00, 7 June 2007 (UTC)
	:::Which? Please let us know. --]<sup><small>]</small></sup> 01:45, 7 June 2007 (UTC)
	::::That was some time ago. I will test it and tell you if it's still blocked. Is there are procedure, or do people just wing it? --'']'' → ] 02:24, 7 June 2007 (UTC)

	:The distinction is quite simple: an open proxy allows anyone from "outside" its network to edit Misplaced Pages from its IP address; a NAT without any open proxy would only allow people from "inside" its network to do it. Of course, most times a NAT is blocked as an open proxy happen because one of the machines behind it is an open proxy, making the NAT external IP address the one used to edit Misplaced Pages. --] 01:59, 7 June 2007 (UTC)

	::Does anyone believe that the accuracy of this method will increase? --'']'' → ] 02:25, 7 June 2007 (UTC)

	:::What do you mean? This is a problem with any blocking. If someone behind a NAT is vandalizing repeatedly, the NAT would be blocked and you have the same collateral damage. IPs that repeatedly vandalize are blocked for long periods of time too. This has nothing to do with open proxies. —]→] • 18:46, 7 June 2007 (UTC)

	== How do you know whether an IP is a Tor node? ==

	Is there a list of "well-known Tor nodes" somewhere? How would someone know that a series of edits by several different IPs were all from Tor? If they are "well known", and are prohibited from editing, why are they not permanently blocked?

	Also, if
	# A regular user makes a bad edit
	# Bad edit is reverted by a Tor node
	# Regular user reverts Tor node

	Does that mean it is automatically against policy to revert back to the Tor node's version and we should keep the bad edit forever?

	See ] for a claim that this "is how it works" and that there are no exceptions. — ] 19:45, 9 June 2007 (UTC)

	:There are lists of Tor nodes, I even gave you a on your talk page nine days ago. Failing that you can just do a Google for the IP address, usually it will have been spotted on other Wiki projects in different languages. The Tor IPs change fairly rapidly, although it's possible to automatically block IPs from editing based on the well known Tor lists this isn't done here for some reason. ''']]''' 01:37, 10 June 2007 (UTC)

	: No, you're looking at it incorrectly because the Tor node edit is irrelevent since reverting a Tor node edit doesn't count towards 3RR and if the user's initial edit is bad then the subsequent revert (of the Tor node revert) will get reverted by an editor that isn't hiding behind a Tor node. The example you gave above is not the same as the situation involving your edit which you linked below. ''']]''' 01:37, 10 June 2007 (UTC)

	: In that situation ( ] ) you used your revert to put back your own text that had already been reverted. You did two wrong things there 1) putting back text that had been changed by a Tor exit node and 2) edit warring by putting back '''your''' text that had already been reverted. Lets not forget your change was reverted by three different editors and was also for being of questionable behaviour. The Tor node edit can be reverted regardless of merit, so it is irrelevant that you think the Tor exit node made a "good edit" by putting your text back. A Tor node edit that just happens to put your text back would also tend to look like sock puppetry. ''']]''' 01:37, 10 June 2007 (UTC)

	:Tor nodes are most easily checked using . Open proxies of other kinds are not identified there. I do not presently know of a comprehensive list of tor nodes, but you are welcome to try finding one and using it to block them all. Do note though that tor nodes are the open proxies that are most likely to change.
	:If a tor node reverts some vandalism then it is pointless to revert back to the vandalism on a point of procedure. If by "bad edit" you instead mean a change of content with which you disagree, then you should not edit war on behalf of a presumably banned user. —]→] • 00:34, 13 June 2007 (UTC)

	:: The claim that was made is that reverting to a Tor user's version is automatically against policy. This is clearly wrong. If I revert to a previous version of an article, regardless of who originally created it, I am taking responsibility for that edit being the current version. — ] 01:05, 13 June 2007 (UTC)
	:::You are again missing the point that you were replacing your own text that had been reverted, not someone elses text. I correctly removed the text because it was added by a Tor proxy. So either you accept you are edit warring or if you claim ownership for replacing the text from the reverted anonymous proxy you accept you were the one using an open proxy to replace the text. Either way, your edit is wrong in the example I gave. ''']]''' 01:39, 17 June 2007 (UTC)

	::There is a comprehensive list of tor nodes at http://moria.csail.mit.edu:9031/ (the same list can be found at the other two directory servers; it's very up to date, and AFAIK ''all'' tor outproxies should be in it, since it's what Tor itself uses). We are only concerned about the nodes which are outproxies (aka "exit nodes") and which allow access to Misplaced Pages; so check the <code>accept</code> and <code>reject</code> lines before blocking (in particular, nodes which only have <code>reject :</code> are ''not'' outproxies and should not be blocked just for being in the directory). --] 23:55, 15 June 2007 (UTC)

	== What could Chinese users really do? ==

	Misplaced Pages prohibits open proxies due to the frequent abuse. On the other hand, users within PR China are censored and must use a means (like Tor) to bypass the great Firewall. If they are users with good intentions, how exactly can they get by that rule? I currently get the impression that many users consider NOP to be something that must be observed at all times, and frown upon the usage of Tor nodes no matter what.--] 15:57, 16 June 2007 (UTC)

	== TOR again ==

	OK, it looks like the community is somewhat split on whether TOR should be permitted. Checkusers with experience of dealing with open proxies have highlighted areas of particular concern concerning sockpuppetry. What I'd like to see is if there's some way we could come to a satisfactory compromise which permits registered users to edit through TOR without the myriad of other problems, primarily sockpuppetry. My preference would be to see TOR nodes automatically softblocked (this is, preventing editing without an account (anonymous editing) and disabling account creation) blocked through the use of a dreaded admin bot on a daily basis. Former TOR nodes would be unblocked at the same time. It's clear checkusers believe that undetected open proxies are being used to create multiple accounts, so I would also propose a limit of 1 account registration per IP address per day. This difficulty in building up a sockpuppet "army" should help in dissuading mailicious editors from engaging in sockpuppetry as it would take a long period of time to build up a large sockpuppet army. TOR users unable to register an account would be required to e-mail unblock-en-l and have an account setup as is normal process at present for those on softblocked IP addresses. Unblock-en-l members should be permitted and encouraged to share information from e-mail headers with the checkusers here in the event of suspected abuse of an account. ] 16:27, 16 June 2007 (UTC)

	: I definitely support this. Tackling an editor who uses Tor is not fun. :( ''']]''' 01:40, 17 June 2007 (UTC)

	: The part about using a bot to block TOR nodes seems ]. I certainly hope the community is less worried about a bot rising up against the admins and taking over than they were last year. We should see if Tawker is still interested in running such a bot, TOR blocking is monkey work. --] (]) 08:30, 17 June 2007 (UTC)

	::It wouldn't have to be a bot; in fact, it would be better to implement this as a MediaWiki extension. We could base the code on , though as far as I can tell even that's in fact little more than a fairly thin wrapper around the directory features of the TOR client itself. —] <small>(])</small> 16:01, 19 June 2007 (UTC)

	:A softblocked tor node is equivalent to an unblocked tor node for the purposes of a vandal. —]→] • 17:42, 17 June 2007 (UTC)

	*I wonder if it would be useful to expire accounts that have been created but never used; a lot of the time, what we find when we CU is Tor IPs with lots of sleeper accounts. --]<sup><small>]</small></sup> 17:51, 17 June 2007 (UTC)

	:It would be helpful to do that, because sleeper accounts are used to bypass semi-protection. ] <sup><font color="Purple">]</font></sup> 18:15, 17 June 2007 (UTC)

	::The expiration time would have to be updated whenever the user reads Misplaced Pages while logged in, not just when editing, though. Otherwise, we'd be expiring the accounts of people who don't edit, but log in just to be able to, say, use a non-MonoBook skin. —] <small>(])</small> 16:07, 19 June 2007 (UTC)

	:Agree, has a bug report been filed with this suggestion yet? ] 18:31, 17 June 2007 (UTC)
	:I also agree that this is worth investigating. ] 22:02, 17 June 2007 (UTC)
	:I also agree, fwiw. ''']]''' 07:42, 22 June 2007 (UTC)

	] ] 23:41, 17 June 2007 (UTC)

	== How to tell if an IP is an open proxy ==

	Will someone please tell me how to tell if a IP is an open proxie on my talk page. Peace:)--] 00:13, 17 June 2007 (UTC)

	:I don't know if anyone will actually give this information here. The practice is somewhat, ]. However, a google search on the subject may be more, forthcoming. Best regards, ] 01:00, 17 June 2007 (UTC)

	:]s, public ] lists, ]s. In the past, certain very distinctive edits have also been considered sufficient by themselves to identify an IP as an open proxy, although I made a small tweak to MediaWiki about 6 months ago that ''should'' have stopped at least a specific class of such proxies from editing in the first place (and I haven't personally seen any since, either, so I guess it probably does work). —] <small>(])</small> 16:14, 19 June 2007 (UTC)

	==Destructive-editing-resistant Tor unblocking==
	ArmedBlowfish, unable to edit because he runs a blocked Tor exit, has posted this to his talk page:
	: ]. --] 06:31, 20 June 2007 (UTC)

	== Copying from Meta ==

	I removed the language that says that we copy from Meta, because obviously we don't. I believe we should stay separate for now, until this issue is sorted out. ] 00:15, 22 June 2007 (UTC)

	:Isn't the whole point of the notice to let people know that we should ultimately be synchronizing them, though? I don't see how a conflict is a good reason to remove that.

	:Also, is there a reason to treat this as a rule violation? If we're accepting Jimbo's suggestion, it seems we should be amending to say these get blocked easily, but not that it will be treated as a violation itself. This makes sense to me for several reasons: 1. The main reason for this policy was vandalism and soft blocking solves that, 2. Sock puppeting can be revealed in other ways, and 3. People who try hard can sock puppet anyway, either just by doing it or by more sophisticated methods. Meanwhile, many people care deeply about privacy, and don't want anybody knowing their IP, while the idea of having people explain their reasons in detail to justify this is obviously unsatisfactory. Finally, practice seems to be to block the proxy rather than the person, which suggests we should want our policy consistent with what the checkusers are actually doing. So what goes the other way? ] 01:20, 22 June 2007 (UTC)

	::Although vandalism is an important concern, often vandals are hit-and-run from some random address, and the open proxy ban will not help that much. The more important need for the open proxy ban is due to the recent infiltration of WP by sockpuppet admin accounts. Those are long term users with long term goals, and having the ban in place will help mitigate (though not directly solve) this problem. The 'need for privacy' is more than offset by WP's need for survival - with a number of rogue sockpuppet admin accounts, and potentially even checkusers in place, one can imagine the internal corruption and mayhem that can result. To this date, besides the Chinese dissidents issue, who are able to ''read'' WP via open proxies, I am not aware of any legitimate need for editing via open proxies. ] 01:31, 22 June 2007 (UTC)

	:::When you really balance it, though, I'm just seeing very little accomplished by this policy. To break this down: if we're talking about the trojan admin situation, then, the cases where this would really kick in are ones where somebody has a suspicion on two accounts and raises enough evidence for a checkuser, but then that person gets off because they're using an open proxy. Yes? Well how about this: if that starts to becomes a problem, then checkusers could either report the use of an open proxy, or privately tell the person that their proxy will be blocked, and they will now have to find another means to edit Misplaced Pages. Would this address the problem? ] 01:44, 22 June 2007 (UTC)
	::::I am not an expert in this, but my guess would be that this would not be sufficient. I think the trojans are very shrewed operators, and they will use a variety of IP addresses. There may also be a large random traffic of open proxy influx, often it may not be instantly evident whether a given IP is an open proxy or not, so it may not be practical to start sending messages to all possible open proxies. Also, sometimes it may be prudent to lie in wait, in order to trap a large scale infiltration scheme, so it doesn't always make sense to alert the perpetrators immediately. In any case, I think the experts who are running CU on a routine basis and hunting the rogues should opine here, if they can. ] 01:55, 22 June 2007 (UTC)

	::::Well the policy as it stands allows for swift removal of changes made by any open proxy, regardless of the merit of those changes. This is an important part of enforcing against anonymous sock puppet activity and attempts to circumvent 3RR. ''']]''' 07:48, 22 June 2007 (UTC)

	:::::I think that would still make sense; the question is if it's necessary for established user accounts though. To Crum, it would still seem we're talking about a relatively small number of cases: those established accounts that have raised suspicions of sock puppetry and where a checkuser reveals them to be using TOR. I'm thinking a checkuser result to that effect would let the community deal with the situation without needing to hard block and ban all such users on sight (are you suggesting something else?). ] 11:50, 22 June 2007 (UTC)

Latest revision as of 13:39, 2 March 2024

This is the talk page for discussing improvements to the Open proxies page.

Put new text under old text. Click here to start a new topic.
New to Misplaced Pages? Welcome! Learn to edit; get help.

Shortcuts

Archives: 1, 2

This is not the page to report suspected open proxies. Please instead create a report at Misplaced Pages:WikiProject on open proxies.

A confused editor gives a technical perspective on the policy of hardblocking open proxies

I've been reading, trying to figure out where the broad consensus that hardblocking, rather than softblocking, anonymous proxies is necessary comes from. I'm a computer scientist, and it deeply offends my sensibilities that Misplaced Pages, a Layer 7 application, makes decisions about me based on my choice of Layer 3 address. I can appreciate the cleverness of using IP addresses as credentials for anonymous users, and understand the need for IP blocks to fight anonymous vandals, but if a user has an account, they're just as easy to block no matter what IP they're logging in from.

The lone exception I've been able to find is in WP:ABK. This is an interesting and, once again, technically clever system, but it's clearly a hack; it relies on certain aspects of the Internet Protocol that are usually true but not guaranteed. The advent of mobile computing has forced me as a computer scientist to start dealing with situations where a user's session is not tied to a single IP at all, but could roam between multiple IPs, which is not a trivial issue to deal with (especially over UDP or other unreliable transport: barrels of ink have been spilled over handling this problem in VPN protocols). I typically carry a second IP in my pocket (my iPhone's LTE is as fast as my cable, albeit more expensive), and I can obtain a new one from my cable company at will by tweaking my router's MAC address. IPv6 has already been officially turned on, and it typically hands out thousands or millions of IP addresses to every customer; IPv6-only clients can connect to IPv4 servers using 6to4 or Teredo gateways, which mask their "real" IP just as effectively as anonymous proxies do; since they aren't actually HTTP proxies, though, don't expect the X-Forwarded-For header to solve all your problems!

In short, blocking anything that breaks Autoblock is short-sighted and misguided. Misplaced Pages is one of the pioneers of the internet community, and it has a responsibility to encourage new and innovative uses of technology, not hinder them because they require more effort to control.

It seems to me that the IPEXEMPT flag would strike a good balance between automatic sockpuppet prevention and ease-of-use, but current policy is that this flag is given only in "exceptional circumstances," requires trusting an editor with an "admin tool," and that it can be revoked preemptively. I don't understand how this flag could be treated as such a sensitive tool. A minimal level of human (admin) verification needed to assign this flag to an account, on par with the scrutiny for receiving rollback, would effectively prevent the creation of sockpuppet armies, and prevent the use of stolen accounts (which would probably not have applied for the IPEXEMPT flag). (If more assurance that an account would not be stolen in the future were needed, it would be simple to require a prospective IPEXEMPT editor to have a committed identity.)

I'm interested in the community's thoughts on this subject. It's my hope that I can provide a valuable technical viewpoint to the consensus-building process.

MrNerdHair (talk) 07:24, 1 March 2013 (UTC)

@MrNerdHair: It's been nearly 7 years and no one has responded to your concern. Sad. I completely concur. For the last couple of years my ISP has no longer given me a unique public IP address, I only have an internal 10.x.x.x address and I'm routed in a NAT-like fashion through a public IP that is shared with many other customers (dozens, or possibly hundreds—who knows). Wikipedians are actively hunting down all the IP addresses of VPNs (even paid ones, see below) and blocking them too. Even while logged in with my email verified I have to disable my VPN in order to edit Misplaced Pages or even post on a talk page. I think that policy is putting editors' privacy at risk and it's discouraging me from contributing. — SimonEast (talk) 05:35, 12 January 2020 (UTC)

I agree with you, indeed no reason to tie to IP adress for any purpuses at all. The first priority should always be the wikipedia ID and only as latest measure should be the list of restrictions by IP, which means there is no way to authenticate the user. Sanaris (talk) 22:30, 15 March 2020 (UTC)

I don't see the rationale behind the ban for registered autoconfirmed users as well, and this hurts me too since I live under an oppressive censoring government (so i have to use a proxy for my day-to-day browsing to avoid blocks), but Misplaced Pages administration have dismissed my request to give me an exempt w/o providing any reasoning in their decision. Since no one seems to react to the contents of this talk page, is there a better place to discuss such policies? L29Ah (talk) 21:30, 30 March 2020 (UTC)

@L29Ah and SimonEast: I'd recommend a previous response by me further down this page. The short answer to this concern is that autoconfirmed is not any type of barrier, because we often see that anyone can achieve multiple accounts with this status. You then end up with multiple accounts running across multiple proxies. I'd also give a tip for any future discussions: any proposal which involves converting all hard blocks to soft blocks is unlikely to work. Also, there is rarely such a monolith as 'Misplaced Pages administration', so I would also recommend sending your request to me by email, if you'd like it seriously considered. -- zzuuzz 22:23, 30 March 2020 (UTC)

Eight years and no solution

Can someone explain to me why nobody has found a way to let long-standing logged-in editors use proxies and VPNs. I've read through both pages of comments and nobody seems to want to fix this. Also MrNerdHair's valid comments above haven't been so much as answered. 阝工巳几千凹父工氐 (talk) 03:15, 21 July 2013 (UTC)

VPN's usually aren't blocked unless they offer a free trial. This page seems to have few watchers... Sailsbystars (talk) 01:07, 4 April 2014 (UTC)

Proactive proxy hunting

Is there any reason why we can't get subscriptions to paid open proxy servers in an effort to identify exactly which IPs are available so that we can block them? GabeMc 17:15, 26 May 2014 (UTC)

I believe something like that is how ProcseeBot (talk · contribs) operates, but it only catches one type of proxy that it can immediately and automatically verify.... web proxies, OTOH suffer from an inverse problem in that it's hard to establish with certainty that it is a proxy. Sailsbystars (talk) 21:08, 26 May 2014 (UTC)

This is now the official policy on open proxies

I just rearranged some articles to say that this page is the official policy on open proxies. I trust this is not controversial. I did not actually change content here.

I did this because Misplaced Pages:Blocking_IP_addresses#Open_proxies, a "consensus page" which is weaker than those tagged as Misplaced Pages:Policies and guidelines, says to go here for more information. This page previously said that for more information, one should go to Misplaced Pages:Blocking_policy#Open_or_anonymous_proxies, which is a policy page just like this one. That page said to come here for details, but since all of the information on the topic is here, it should note that this is the main page. Misplaced Pages policy pages should be set up so that one page claims to be the main policy, and other pages refer to that page as the main policy. This is how I rearranged things. The "blocking" page is about blocking generally, and is not really about open proxies, and the IP address page is about something else too. This is the most relevant page, so I made the other pages refer to this one when talking about open proxies.

The changes that I made are to say that conversations about open proxies, for blocking or otherwise, should go here in this talk forum, and that this is the page where people read policy on open proxies and not elsewhere. Blue Rasberry (talk) 01:18, 17 December 2014 (UTC)

I am not sure what you are talking about, but I know that somebody has been going around "fixing" articles so that tens of thousands of people with ordinary Los Angeles Public Library cards can no longer get access to check on the sources for the scores of articles I have written about L.A. topics. If you think this improves the encyclopedia, you are definitely wrong. It stinks: Take it from one who has BeenAroundAWhile (talk) 15:11, 13 January 2020 (UTC)

Why Wikimedia, Inc. should not care about IPv4 addresses

I would like to suggest that IPv4 addresses are no longer a good way to identify users. Most ISPs assign a new IPv4 address periodically (usually, every disconnection from the ISP introduces a new IPv4 address and many ISPs assign a new address at least once every 72 hours, the DHCP default). Because ISPs are no longer allocated sufficient IPv4 addresses to assign a separate address to each connected device, ISPs have begun to use port reassignment (the same as VPNs and Proxies). With port reassignment, users connect to the ISP via an intranet IPv4 address (which can appear to be an ordinary IPv4 address) and the ISP connects the user to the internet via a range of source ports on an internet IPv4 address. Thousands of user devices can use the same IPv4 address. IPv4 addresses are still useful for identification of the company that connects a user or device to the internet.

US law was changed earlier this year to allow ISPs to sell user information and trace logs, without notice to users. This includes source and destination IP addresses for every connection and (when available) the Latitude and Longitude from which the user is making the connection. This applies even to HTTPS connections. This has caused many of us to turn to VPNs for all internet use.

For both security and privacy reasons, most US internet users and all mobile connection users (any type of radio connection) should be connected via an encrypted connection to the internet. Radio connections are easily hackable, so an ISP or intermediary that accepts encrypted routing (IP packet) headers is necessary. Encrypted connection to one's ISP or mobile telephone provider is rarely available.

Requiring HTTPS connections, login IDs, and passwords, and the use of email to confirm each login ID is much more reliable. HTTP connections allow easy packet insertion hacks. If you require an email confirmation for connections that are from a provider the user has not used before, that provides some additional identity assurance beyond the password, if the user's connection to the provider is encrypted. But a provider that accepts unencrypted communication from users (like most ISPs) is not reliable assistance in identifying users. Drbits (talk) 01:04, 9 November 2017 (UTC)

Thanks for the detailed explanation @Drbits:. I completely agree. As I noted in my previous comment above, my ISP no longer provides me with my own IPv4 address, I have to share it with dozens, if not hundreds/thousands of other customers. And I cannot edit via a paid VPN because that is also considered a transport for abuse. *sigh* — SimonEast (talk) 05:50, 12 January 2020 (UTC)

Why requiring VPN disconnection is a problem

For security reasons, disconnecting from a VPN often also disables internet connection from most programs. This is not just inconvenient, but it also temporarily blocks antivirus updates, file synchronization, and other security measures.

More sophisticated computer users can greatly improve system security by only leaving the VPN port open in the firewall. Drbits (talk) 01:19, 9 November 2017 (UTC)

It looks to me as though all these legitimate complaints about VPN blocking are being systematically ignored. There is no valid reason that confirmed registered users, when logged in, should be blocked from editing, just because of their IP address. I'm starting to believe that some administrators are compulsively and closed-mindedly pressing forward with this policy, "Don't confuse us with the facts". The only plausible explanations I can come up with for this prolonged behavior are... — well, understandably human, but... — still not all that flattering. Respectfully, you guys need to review what you're doing, here.--IfYouDoIfYouDon't (talk) 09:30, 22 November 2018 (UTC)

I understand the concern about traceability, but requiring logins eliminates that. The only other thing I can think of is the concern over DDOS attacks - but those would apply to access to all of the organization's assets. Drbits (talk) 03:27, 19 February 2020 (UTC)

@Drbits, User:IfYouDoIfYouDon't it has gotten very ugly. Two Misplaced Pages editors were arrested in Saudi Arabia and who knows if it may have had something to do with the inability to use vpn. There is a discussion in Misplaced Pages:Village pump (WMF)/Archive 6#Saudi Arabia arrests two Misplaced Pages adminstors. Thinker78 (talk) 01:31, 9 January 2023 (UTC)

This is so dumb.

I'm trying to get into the Los Angeles Public Library website so I can check on a source for an article I posted. Here is what I got, a big message about "Proxies." https://en.wikipedia.org/search/?title=Bernard_Cohn_(politician)&action=submit I've noticed that somebody within the past few years has gone around and messed with ALL the LAPL library sources, and now I can't see the sources for all the articles I've created, and I've done a few hundred or more. I have GOT to be able to check the sources, and so does everybody else. What is the purpose of this? It seems to have been done with no notice to anybody. Sincerely, BeenAroundAWhile (talk) 01:29, 27 September 2019 (UTC)

Autoconfirmed editors should be allowed to edit through proxies.

Autoconfirmed editors should be allowed to edit through proxies. They've already shown that they're not vandals. Blocking them does nothing but prevent constructive edits. Benjamin (talk) 05:34, 29 September 2019 (UTC)

I'm not sure if this is an answer to my rant above, but if it means I can get back to my Los Angeles Public Library sources (as could anybody else with a Los Angeles Public Library card), I'm in favor of it. BeenAroundAWhile (talk) 05:38, 29 September 2019 (UTC)

I would agree @Benjaminikuta:. Blocking not only open-proxies but any and all VPNs even for autoconfirmed editors does seem like a great overkill and puts editors' privacy and security at risk. Sadly, it doesn't appear that anyone of influence is reading the posts on this page. Perhaps there's a better location to raise these concerns. — SimonEast (talk) 05:46, 12 January 2020 (UTC)

Thanks for the reply. Perhaps we could start an RfC? But I'm not so familiar with the procedure. Benjamin (talk) 09:10, 12 January 2020 (UTC)

The appropriate place to start would probably be WP:VP. Speaking as someone who deals with abusive sockpuppets and sometimes partially helps to implement this policy, I'd say two things: First, autoconfirmed is no barrier and we often have to deal with multiple autoconfirmed sock farms hopping around multiple proxies. Second, before thinking about a RfC, have a good read of WT:IPBE, which is closely intertwined with this policy. -- zzuuzz 14:26, 13 January 2020 (UTC)

How banned are VPNs?

"using a VPN to edit is not permitted."

This was news to me!

Now, I recognise that there are good reasons to block some anonymising services. However for a logged-in WP account, particularly one which is autoconfirmed, been here for years etc., why is their use of a VPN as an invisible transport mechanism from them to WP (for reasons which quite honestly are just none of our business) any sort of problem? Andy Dingley (talk) 16:55, 8 March 2020 (UTC)

Yeah, this is definitely not the case, but an uncommonly held misbelief which really should be corrected. You won't find it written in policy. -- zzuuzz 17:41, 8 March 2020 (UTC)

This was an admin refusing an unblock request (presumably some sort of IP ban collision). User talk:Deku-shrub#Unblock @331dot: Andy Dingley (talk) 19:26, 8 March 2020 (UTC)

I have recently become aware that the requirements for IPBEs have been loosened from my initial understanding of them. I'm still working on this. 331dot (talk) 19:31, 8 March 2020 (UTC)

Can open proxies be used in a countries that blocked Misplaced Pages?

Is there's exception that open proxies can be used for any countries that blocked Misplaced Pages (e.g. China)? SpinnerLaserzthe2nd (talk) 18:01, 6 May 2022 (UTC)

See Misplaced Pages:Advice to users using Tor to bypass the Great Firewall. AKK700 07:03, 20 September 2022 (UTC)

Use TCPioneer to access the WP without changing the IP address. IntegerSequences (talk | contribs) 01:06, 22 December 2022 (UTC)

There is a discussion at Village Pump

There is a discussion of this policy at Misplaced Pages:Village pump (policy)#Allow registered editors to use vpn (open proxies). Your input is welcome! --Thinker78 (talk) 15:58, 11 January 2023 (UTC)

Should we add a page about Google One/Private Relay?

I know that Google One VPN is blocked. How about people using Private Relay from Apple- would that be considered an open proxy too? I think we might need to make a page about this as a lot of people might be using it and they may not be aware. 747pilot (talk) 19:57, 14 April 2023 (UTC)

Just weird

I know I'm about to bring out a lot of angry men shouting about sockpuppets, but it just seems bizarre to me that Misplaced Pages allows people to edit through random URLs without registration, but apparently can't find a way to allow registered editors with thousands of good edits to edit through a commercial VPN.Atrapalhado (talk) 13:38, 2 March 2024 (UTC)