Page MenuHomePhabricator

Recent edits / vandalism from 127.0.0.1
Closed, ResolvedPublic

Event Timeline

Slakr created this task.Dec 2 2015, 12:44 AM
Slakr raised the priority of this task from to Needs Triage.
Slakr updated the task description. (Show Details)
Slakr added a project: Operations.
Slakr added subscribers: Slakr, MZMcBride.
Restricted Application added subscribers: StudiesWorld, Aklapper. · View Herald TranscriptDec 2 2015, 12:44 AM
ori triaged this task as Unbreak Now! priority.Dec 2 2015, 12:45 AM
ori set Security to None.
ori added subscribers: ori, BBlack.

Given the timing, this is probably related to https://gerrit.wikimedia.org/r/256366.

Krenair renamed this task from Recent edits / vandalism from 127.0.0.1 on enwiki to Recent edits / vandalism from 127.0.0.1.Dec 2 2015, 12:47 AM
Krenair updated the task description. (Show Details)
Krenair added a subscriber: Krenair.

The timing makes this seem related to <grrrit-wm> (CR) BBlack: [C: 2] tlsproxy: settable upstream IP, defaulting to 127.0.0.1 [puppet] - https://gerrit.wikimedia.org/r/256366 (owner: BBlack)

jrbs added a subscriber: jrbs.Dec 2 2015, 12:49 AM

Yes, it's related and revert is in progress, we don't need further confirmation reports

ori closed this task as Resolved.Dec 2 2015, 12:51 AM
ori claimed this task.

Reverted in 5f6512ac9850d1.

Has a task been filed about the bug in MediaWiki?

<bblack> there's a bug in mediawiki somewhere
<bblack> this probably all goes back to TrustedXFF and related code
<bblack> it probably "trusts" our local networks and rewinds through them in the XFF list to reach the "real" client IP, but doesn't consider 127.0.0.1 to be part of our local network for those purposes, so it stops there and calls that the client IP
<bblack> (my change was to switch one of our internal forwarding proxies from using a local server's own IP to using 127.0.0.1 to reach the same, which replaced a WMF IP with 127.0.0.1 in the midst of the XFF list)