Page MenuHomePhabricator
Create Task
Maniphest T15611

Blocking account creation on an IP address should apply to logged in users too
Closed, ResolvedPublic
Actions

Description

Author: mapellegrini

Description:
IP addresses and ranges that have been account-creation blocked should not allow logged-in users to register new accounts. I've determined that a recent group of sockpuppet accounts I blocked (using checkuser) were registered from a range I had account-creation blocked. Apparently, the vandal had one sockpuppet account already (let's call it A), and used that account to register others - A registers for B, B registers for C, C registers for D, etc. All registrations were done using IP addressesI had already blocked.

Version: unspecified
Severity: major

Details

Reference
bz13611

Related Objects

Event Timeline

bzimport raised the priority of this task from to Medium.Nov 21 2014, 10:04 PM
bzimport added a project: MediaWiki-User-management.
bzimport set Reference to bz13611.
bzimport added a subscriber: Unknown Object (MLST).
bzimport created this task.Apr 4 2008, 5:46 AM
aaron added a comment.Apr 5 2008, 1:38 AM

Done in r32800.

aaron added a comment.Apr 5 2008, 1:39 AM

(In reply to comment #1)

Done in r32800.

Gah, wrong bug.

bzimport added a comment.Apr 5 2008, 1:51 AM

mike.lifeguard+bugs wrote:

ACB should be /real/ ACB rather than the current method of blocking account creation for anons-only. CUs can't be expected to be perfect, and this makes their job much easier. ACB on an IP or range needs to stop new accounts from being created, full stop. This is a loophole that requires perfection from CUs to close, and that's not cool; a software change is in order.

bzimport added a comment.Apr 6 2008, 7:21 AM

Aphaia wrote:

Sounds helpful. I support.

aaron added a comment.Sep 22 2008, 1:22 PM

Fixed in r41150

aaron added a comment.Sep 22 2008, 1:23 PM

*** Bug 14698 has been marked as a duplicate of this bug. ***

Logan added a comment.Apr 7 2011, 2:25 PM

Please note that this bug causes me, an account creator at ACC, to not be able to create accounts when logged in even though the block on my shared IP that I sometimes edit from is anon. only.

Peachey88 added a comment.Apr 8 2011, 9:42 AM

Is your account in the IP block exempt group?

Logan added a comment.Apr 11 2011, 1:40 AM

Now it is.

JJMC89 mentioned this in T189362: ipblock-exempt does not allow account creation when blocked.Jun 4 2019, 5:45 AM
Content licensed under Creative Commons Attribution-ShareAlike (CC BY-SA) 4.0 unless otherwise noted; code licensed under GNU General Public License (GPL) 2.0 or later and other open source licenses. By using this site, you agree to the Terms of Use, Privacy Policy, and Code of Conduct. · Wikimedia Foundation · Privacy Policy · Code of Conduct · Terms of Use · Disclaimer · CC-BY-SA · GPL