Make IP reputation available as a variable in AbuseFilter
Open, Needs TriagePublic
Actions

Assigned To

None

Authored By

	kostajh
	Jan 9 2024, 9:02 AM

Description

Following from research in T354597: Record IP reputation data for account creations and edits, let's look at introducing a variable in AbuseFilter to allow actions based on whether an IP address for a request is in iPoid-Service's database, or more granular controls, like if an IP address belongs to a specific risk type (e.g. callback proxy vs VPN).

At a minimum, it seems that we would want to show a CAPTCHA or provide some type of mitigation when we see requests associated with IP addresses known to ipoid.

Related Objects

Mentioned In: T354600: Create persistent storage for edits, account creations, account logins, and log entries associated with IPs with poor reputation
Mentioned Here: T354597: Record IP reputation data for account creations and edits

Event Timeline

kostajh created this task.Jan 9 2024, 9:02 AM

Restricted Application added a subscriber: Aklapper. · View Herald TranscriptJan 9 2024, 9:02 AM

kostajh mentioned this in T354600: Create persistent storage for edits, account creations, account logins, and log entries associated with IPs with poor reputation.Jan 9 2024, 9:08 AM

kostajh added a project: MediaWiki-extensions-IPReputation.Mar 6 2024, 9:41 AM

Make IP reputation available as a variable in AbuseFilterOpen, Needs TriagePublicActions

Description

Related Objects

Event Timeline

Make IP reputation available as a variable in AbuseFilter
Open, Needs TriagePublic
Actions