Then vandals can forge their XFF to claim they're coming from somewhere else.

If you have a list of trusted proxy servers, please check out [[mw:Extension:TrustedXFF]].

Should be WFM, my fault.

This function is built-in and configurable with $wgSquidServersNoPurge and the above extension is just a list.

If you want to open it to every IP, write in your LocalSettings.php:

$wgHooks['IsTrustedProxy'][] = function( &$ip, &$trusted ) { return $trusted = true; }

kaare wrote:

This request is due to vandalism seen in Wikipedia; we can't just change the setup ourselves as we see fit.

Sometimes you have other means to verify the validity of an XFF address, and when you know for a fact that the vandalism is coming from said XFF address, it would save a lot of combined time and effort if the checkusers were able to stop the vandalism at the origin rather than the administrators having to chase after open proxies and revert vandalism.

Thus, I'm re-opening as the requested feature isn't implemented.

• This bug has been marked as a duplicate of bug 23343 ***