Posted by KG2 on October 13, 2011 at 5:55am
6 followers
Jump to:
| Project: | Drupal.org webmasters |
| Component: | Other |
| Category: | support request |
| Priority: | normal |
| Assigned: | Unassigned |
| Status: | fixed |
Issue Summary
For 2 weeks I have been greylised at drupal.org and requested whitelisting. Today I was banned. I don't know why this is happening and don't know what to do to fix this. Do I have a virus, spyware problem? Where can I find help with this? I have a dual boot (Ubuntu karmic and Windows XP) - it happens on both OS's.
I now can't download serial field (http://drupal.org/project/serial).
I use Telkom (South Africa) ADSL and wireless. Should I contact my service provider rather than drupal.org?
Attempts to google this issue informed me I have done something wrong. What? Is my computer sending spam without me knowing it?
Assistance and clarity would be greatly appreciated.
Heli
(Desperate site builder trying to meet a deadline.)
Comments
#1
I've removed the blacklist entry.
YOu end up there when projecthoneypot has your IP blacklisted. Why they did that is explained at their site:
www.projecthoneypot.org
You can search for your IP there.
http://whatismyip.org/
will tell you which IP you use at the moment.
#2
Thanks so much for unblocking and getting back to me - I'll follow this up.
#3
Update:
My IP keeps being blacklisted at http://drupal.org (this despite the fact that according to Honeypot the current IP has been whitelisted since 15 October). This is happening both at home and at work (both Telkom modems). I just appear to have been unblacklisted - is it perhaps because of your intervention and the fact that I've logged in?
According to a comment on honeypot
http://www.projecthoneypot.org/ip_196.25.255.218
#4
No, I didn't do anything regarding your IP. It is not in the blacklist atm.
#5
It has taken me at least 20 minutes and many page refreshes to be able to reply to your post.
I receive the following messages from http://drupal.org (same day, same computer):
Click on http://drupal.org/httpbl/whitelist
Sorry, 196.25.255.218 has been blacklisted by http:BL.Go to Honeypot:
Refresh the page at http://drupal.org several times, get through, then it happens again:
.
-----------
etc etc
-----------------
Meanwhile according to honeypot:
Whitelist IP: 196.25.255.218
- 196.25.255.218 has been whitelisted 6 time(s) and delisted 5 time(s)
- Whitelist status: This IP is currently whitelisted and has been since October 15, 2011 09:25 AM PDT.
I am starting to feel a little crazy here (though no doubt this attributable to my ignorance). As far as I can tell:
#6
Hmm, have you tried to use the whitelist form? It will set a session var that should whitelist you locally.
#7
The whitelist form now takes me to
Sorry, 196.25.255.218 has been blacklisted by http:BL.
(it did work a few weeks ago)
and sometimes I end up on the Access Denied page
#8
It happened repeatedly trying to reply to you.
The link to the whitelist form took me to 'Access Denied'.
On refresh to: Sorry, 196.25.255.218 has been blacklisted by http:BL.
I don't know if this will get through. But currently, for me, http://drupal.org is virtually unusable.
#9
i am now on my cell phone and see the above was posted (despite greylist, access denied, blacklist repeat on save). I am now blacklisted on both my laptop and desktop and page refreshes are not making a difference.
#10
there was a single IP in the access list. I unfortunately purged it before checking which IP...
I have the suspicion, that you are a victim of some bad caching rather than actual blackisting. I am not sure if that happens on our side or on yours, though.
#11
It appears your suspicions are correct, and the issue is with my service provider. I found this: http://projecthoneypot.org/board/read.php?f=4&i=725&t=725
hope it makes more sense to you than me... Something to do with SAIX web-caching. Interestingly, the example IPs are the ones I'm having an issue with today. Drupal.org reports greylisting on the former (194) and Honey Pot says I'm accessing from the latter (195).
Is there anything more that can be done at drupal.org? I suspect not... Thanks for all the attention you have given my support request. I really appreciate it.
Heli (who has reverted to phone and Opera Mini in desperate attempt to access drupal...)
#12
I have now manually whitelisted 196.25.255.218 fr a month, does that help?
#13
Made no difference I'm afraid.
#14
Currently, no addresses that can be associated with South Africa are blocked locally.
Can you access
http://drupal.org/httpbl/whitelist directly?
#15
Can't access http://drupal.org/httpbl/whitelist
-------
Tried get assistance from Drupal South Africa group. Following message:
"Your submission has triggered the spam filter and will not be accepted."
--------
According to http://whatismyip.org/ my IP (both laptop and desktop) is: 41.146.226.143
Do you have any record of this IP?
---------
My attempt to get assistance from Telkom has failed thus far. After lengthy description was asked, "Are you connected to the internet?" and given instructions for turning on my modem. I'll steal myself and try again to day.
--------
My last 2 attempts to reply to you disappeared with greylisted message on 'Save'. Lets hope it doesn't happen again.
Heli
#16
I have no record of 41.146.226.143, it is not blacklisted.
It is strange that you cannot access http://drupal.org/httpbl/whitelist _and_ get mesages about being greylisted at the same time. You should have access there.
I have now manually whitelisted 41.146.226.143.
#17
Update:
Service Provider, Telkom, is unable to assist in anyway. Reportedly, since my IP is dynamically assigned every 24 hrs, it is not possible that this has anything to do with them.
This on the honey Pot message board would appear to disagree:
http://projecthoneypot.org/board/read.php?f=4&i=725&t=725
-----------
I'm still trying to get my head around this:
* The greylisted IP reported at http://drupal.org is not necessarily the IP I am connecting with when I click the link to honeypot (http:BL)
* The IP reported blacklisted by http://drupal.org, is whitelisted by honeypot
-----------
I suppose the next port of call would be to pursue it with honeypot...
#18
According to Telkom, since my IP is dynamically assigned every 24 hrs, there is no way that a problem that has been occurring for a few weeks has anything to do with them.
This post at honeypot would appear to disagree:
http://projecthoneypot.org/board/read.php?f=4&i=725&t=725
I'm still trying to get my head around the logic of this:
* The greylisted IP reported at http://drupal.org is not necessarily the IP I am connecting with when I click the link to honeypot (http:BL)
* The IP reported blacklisted by http://drupal.org, is whitelisted by honeypot
* This is happening on 3 different computers with different operating systems, 2 different modems (same service provider)
---------
I suppose the next port of call would be to pursue this with honeypot...
or get a new service provider...
(I'm afraid your last manual whitelist made no difference.)
#19
Come to think of it, one of your interventions has made a difference. I am no longer getting the blacklisted message. i.e.
It stops at greylisted (today),
Then Access denied for the whitelist form (this is the stage where I previously got the blacklisted message)...
(Honey Pot: the greylisted IP 198.54.202.226 encountered 'bad activity' in Nov 2010, but has been whitelisted since March)
#20
I think the situation is that the proxy through which you leave your provider's net is changing with every request you make. That would explain why you get greylisted with one request and then white or blacklisted on the next ie when you try to access the whitelist form.
Ie the IP that you appear to come from changed from request to request.
Can you verify this by calling whatismyip.org a couple of times.
Collect the IPs that you see, so that I can whitelist them.
#21
That's the weird thing. BOTH my desktop and laptop show the same IP at http://whatismyip.org/
41.146.226.143
Called it several times on both computers and the number didn't change (although also got 'Server Error [code=SERVER_RESPONSE_RESET] ' and 'Too frequent!')
The honey pot post mentioned http://projecthoneypot.org/board/read.php?f=4&i=725&t=725
I'm afraid this not my area of expertise and I really don't know what the above means - but it seems relevant
What about whitelisting the IP currently reported greylisted by drupal.org: 198.54.202.226 and see if it helps.
Still wondering why I can't access the whitelist form...
Heli
#22
I don't understnad that description either...
I'll try to find somebody who does.
198.54.202.226 is now whitelisted.
#23
I really though the whitelisting would work. But what do you know, the greylist message is now:
Desktop:
Laptop:
And of course "Access denied" at http://drupal.org/httpbl/whitelist
Thanks again for all the attention you have given this support request. I really appreciate it and hope this issue is not driving you as nuts as it is me.
Heli
Tried to edit a post and now the message is
So that is the IP thats changing (not whatever is showing at http://whatismyip.org/)
---
few minutes later
196.25.255.250 again
------
few minutes later
--------
My laptop is now greylisted with the same IP that the desktop was greylisted with when I started this post:
196.25.255.250
#24
Discovered this IP was not whitelisted, 196.25.255.250 managed to send the request without the usual 'try again' with changing IP errors -(now wondering if this was because I previously tried this with a wireless connection...) :
#25
I have whitelisted all recorded IPs starting with 198. _locally_ (which will expire tomorrow).
If you still get the messages "access denied" when trying to access the form please update here. I added some debug info.
#26
On reading this, in quick succession,
1) Went to http://drupal.org
Sorry, 198.54.202.210 has been greylisted by http:BL.
You may try whitelisting on http://drupal.org/httpbl/whitelist.
http://drupal.org/httpbl/whitelist : 'Access Denied'
2) Opened http://drupal.org/node/1308240, clicked reply (http://drupal.org/comment/reply/1308240/5164050)
Sorry, 196.25.255.194 has been greylisted by http:BL.
You may try whitelisting on http://drupal.org/httpbl/whitelist.
http://drupal.org/httpbl/whitelist : 'Access Denied'
3) http://drupal.org/comment/reply/1308240/5164050 On 'Save'
Sorry, 196.25.255.194 has been greylisted by http:BL.
You may try whitelisting on http://drupal.org/httpbl/whitelist.
http://drupal.org/httpbl/whitelist : 'Access Denied'
4) Opened new tab
http://drupal.org/node/1308240 saw this was not posted. Will paste it and try again
#27
Checked the http:BL links.
1) 198.54.202.210 is whitelisted
2) Requested whitelisting for 196.25.255.194
#28
Then miraculously all links appeared to work and I thought you'd fixed it, and then, not:
Sorry, 196.25.255.250 has been greylisted by http:BL.
You may try whitelisting on http://drupal.org/httpbl/whitelist.
http://drupal.org/httpbl/whitelist 'Access denied'
But it does appear to be happening less often...
#29
http://drupal.org/search/apachesolr_multisitesearch/rules%20token%20cond...
Sorry, 196.25.255.194 has been greylisted by http:BL.
You may try whitelisting on http://drupal.org/httpbl/whitelist.
http://drupal.org/httpbl/whitelist 'Access denied'
#30
I've whitelisted additional IPs (those that start with 196.2)
Frankly: I blame your provider despite what they say. Can't they give you a semi-permanent IP? With yours changing every couple of requests you are going to have trouble elsewhere too.
#31
I need to investigate this with Telkom - but have failed to communicate with anyone who believes this is a real problem. My last attempt was met with, "Can you access Google? Can you access Facebook? Can you access Youtube?" The implication was that these 3 are "the internet", while Drupal is not.
(But it is true that I haven't noticed a problem with other sites - but to be honest I'm currently so busy with a Drupal project that I haven't spent much time elsewhere of late...)
One thing that is odd, is that I was told that the IP changes every 24hrs - but we've found that it is changing every couple of requests...
By the way, we're not talking about any service provider here. This is South Africa's main telecommunications company, a parastatal (monopoly on landlines, cables etc)
Thank you very much for all your help.
Heli
#32
You really should get into contact with other South African drupal.org users. There must be quite a few by now and you appear to be the only one who has these issues. Or maybe you are the only one who hasn't given up :-?
Only alternative would be to whitelist the whole country. We'd need a while to compile a list of IPs.
#33
KG2 has alerted us at http://groups.drupal.org/node/186079
We'll see if we get some more info at that thread. I personally haven't had any blacklisting issues. My ISP is Afrihost, but eventually all internet in South Africa goes through SAIX. Maybe KG2 should set up a VPN at linode or something...
#34
haven't been following the whole story but I am currently getting the same issue as KG2. I've never ever seen such thing in my life. I've been to whatismyip.org and that shows another ip each time that I refresh...
#35
It's been months since the last activity here. If there is still a problem, please re-open.