Author: ayg
Description:
Problem: say an open proxy or whatnot repeatedly tries to log in as various
sysops. Say it even triggers lockouts, e-mails and alerts per bug 9836. But
there's no way to stop it. Blocking the IP doesn't help: a blocked IP can still
log in, so if it gets a correct sysop password it can immediately unblock itself
and wreak havoc.
Obvious solution: permit some way to block IPs from even logging in. Problem
with obvious solution: collateral damage. Currently users can happily log in
with Tor or whatever they want, and for some (China, etc.) this might even be
necessary; if some clown gets open proxies blocked from logging into a wiki as
sysop, some users might be inconvenienced or even unable to edit.
So a more careful solution is needed. The obvious solution to the problem with
the obvious solution is more granularity, e.g., make it possible to block open
proxies from logging in as admins except for certain exempted admins who
actually need/want to use open proxies. Unfortunately, that's complicated, but
I can't see any other way to avoid the problem, and ignoring the problem appears
unacceptable.
However this works, obviously no confirmation or disconfirmation of the entered
password should be given, i.e., no message like "you would have successfully
logged in except that your IP is blocked"; that would obviously defeat the
purpose, since the attacker could keep guessing and learn when a guess was right.
The IP check has to run before the password is even looked at, and the reply has
to be the same for a right or wrong password: "we didn't even look at your
entered password because your IP is blocked from logging in".
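To make the two points above concrete (the per-group block with per-admin exemptions, and the ordering of the IP check relative to password verification), here is an added illustration in Python. It is not MediaWiki code and not part of the original report; the blocked range, group name, account list, the login_block_exempt flag and the message strings are all constructed assumptions. login_leaky shows the ordering the report warns against, where the block message only appears once the password has been verified and so confirms a correct guess; login_hardened decides the block first, so a blocked IP gets the same reply no matter what password it sends.

```python
import hashlib
import hmac
import ipaddress
from dataclasses import dataclass

# Constructed sample policy: the range, group name and accounts below are
# illustrative assumptions, not MediaWiki data. 198.51.100.0/24 is a
# documentation range standing in for "open proxies kept off admin logins".
LOGIN_BLOCKED_RANGES = [ipaddress.ip_network("198.51.100.0/24")]
PROTECTED_GROUPS = {"sysop"}

GENERIC_REFUSAL = "Logins to this account are not accepted from your IP address."
BAD_CREDENTIALS = "Incorrect username or password."


def hash_password(pw: str) -> bytes:
    # Illustrative only; a real site uses a slow, salted password hash.
    return hashlib.sha256(pw.encode()).digest()


@dataclass
class User:
    name: str
    pw_hash: bytes
    groups: frozenset
    login_block_exempt: bool = False  # the per-admin exemption the report asks for


# Constructed accounts: a sysop, an exempted sysop and an ordinary editor.
USERS = {
    "Alice": User("Alice", hash_password("hunter2"), frozenset({"sysop"})),
    "Bob": User("Bob", hash_password("correct horse"), frozenset({"sysop"}),
                login_block_exempt=True),
    "Carol": User("Carol", hash_password("letmein"), frozenset()),
}


def ip_is_login_blocked(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in LOGIN_BLOCKED_RANGES)


def login_blocked_for(user: User, ip: str) -> bool:
    """Refuse logins from blocked ranges only for protected (admin) accounts,
    and only for those admins who have not been exempted; everyone else,
    including Tor users who are not admins, is unaffected."""
    if not ip_is_login_blocked(ip):
        return False
    if not (user.groups & PROTECTED_GROUPS):
        return False
    return not user.login_block_exempt


def password_ok(user: User, pw: str) -> bool:
    return hmac.compare_digest(user.pw_hash, hash_password(pw))


def login_leaky(username: str, pw: str, ip: str):
    """WRONG ORDER: the password is verified first and the block message is
    only shown when it was correct, so the reply confirms a guessed password."""
    user = USERS.get(username)
    if user is None or not password_ok(user, pw):
        return False, BAD_CREDENTIALS
    if login_blocked_for(user, ip):
        return False, "You would have logged in, but your IP is blocked from logging in."
    return True, "Logged in as " + user.name


def login_hardened(username: str, pw: str, ip: str):
    """RIGHT ORDER: decide the block before looking at the password, so the
    reply from a blocked IP is identical whether the password is right or wrong."""
    user = USERS.get(username)
    if user is not None and login_blocked_for(user, ip):
        return False, GENERIC_REFUSAL
    if user is None or not password_ok(user, pw):
        return False, BAD_CREDENTIALS
    return True, "Logged in as " + user.name
```

Note the residual signal even in the hardened path: the generic refusal is only sent for non-exempt protected accounts, so a blocked IP can still learn that a name belongs to a sysop who is not exempted. Sysop membership is public on a wiki anyway; whether the exemption list should also be treated as public is a policy choice, not something the code above settles.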
It would seem like this should be a dupe, probably of a WONTFIX, but I can't
find anything.
Version: unspecified
Severity: enhancement