Page MenuHomePhabricator

Recent edits / vandalism from
Closed, ResolvedPublic

Event Timeline

Slakr created this task.Dec 2 2015, 12:44 AM
Slakr raised the priority of this task from to Needs Triage.
Slakr updated the task description. (Show Details)
Slakr added a project: Operations.
Slakr added subscribers: Slakr, MZMcBride.
Restricted Application added subscribers: StudiesWorld, Aklapper. · View Herald TranscriptDec 2 2015, 12:44 AM
ori triaged this task as Unbreak Now! priority.Dec 2 2015, 12:45 AM
ori set Security to None.
ori added subscribers: ori, BBlack.

Given the timing, this is probably related to

Krenair renamed this task from Recent edits / vandalism from on enwiki to Recent edits / vandalism from 2 2015, 12:47 AM
Krenair updated the task description. (Show Details)
Krenair added a subscriber: Krenair.

The timing makes this seem related to <grrrit-wm> (CR) BBlack: [C: 2] tlsproxy: settable upstream IP, defaulting to [puppet] - (owner: BBlack)

jrbs added a subscriber: jrbs.Dec 2 2015, 12:49 AM

Yes, it's related and revert is in progress, we don't need further confirmation reports

ori closed this task as Resolved.Dec 2 2015, 12:51 AM
ori claimed this task.

Reverted in 5f6512ac9850d1.

Has a task been filed about the bug in MediaWiki?

<bblack> there's a bug in mediawiki somewhere
<bblack> this probably all goes back to TrustedXFF and related code
<bblack> it probably "trusts" our local networks and rewinds through them in the XFF list to reach the "real" client IP, but doesn't consider to be part of our local network for those purposes, so it stops there and calls that the client IP
<bblack> (my change was to switch one of our internal forwarding proxies from using a local server's own IP to using to reach the same, which replaced a WMF IP with in the midst of the XFF list)