Making progress – despite NTL’s transparent proxies

The next step, moving World of Badger to the new server, went without a hitch (well, apart from the 20 minute period this morning between changing the nameservers and remembering to actually run the SQL to populate the new database with the old content!). As for the problem of WordPress incorrectly showing zero posts under some categories, that was easily fixed by re-saving a single post from each miscalculated category.

The only other major issue I’ve yet to deal with is Bad Behavior; don’t get me wrong, it seems to be doing a sterling job of blocking spam (over 2000 attempts blocked in the last 48 hours), but unfortunately it doesn’t like my ISP NTL. Or more accurately, Distributed Sender Blackhole List (one of the spam IP address lists it uses) doesn’t like NTL’s transparent proxies, some of which are blacklisted.

NTL infamously routes all its customers’ web traffic through transparent proxies which cache content in order to reduce network congestion (in a similar way viewed pages being cached by your browser). There are a couple of dozen NTL proxy servers around the country, with their own IP addresses (as far as I know, the only other UK ISP to do this is AOL, and I believe they even use proxies in the US). Unfortunately, rather than checking my actual IP address against the blacklist, Bad Behavior is checking the IP address of the particular NTL proxy I happen to be being routed through. Even though the proxy can be shared with thousands of other users, all it takes is one person doing something bad (sending spam, or just having a PC infected with malware) for that proxy’s IP address to get blacklisted. That’s the situation with the NTL proxy at Bromley (my default) – because it’s blacklisted, all the NTL customers using it are effectively blacklisted too.

As a result of Bad Behavior thinking my IP address is blacklisted, I can’t actually log in to my own WordPress admin area when connected through this proxy! (I’m blocked from other sites too, such as the ever-helpful DNS Stuff). Luckily there is a short-term solution – it’s easy to change to a different proxy (see here for more help and information on NTL’s crap proxies). Connecting through a non-blacklisted proxy in Cardiff means Bad Behavior allows me through.

Long-term this isn’t a solution though – obviously any visitors using blocked NTL proxies won’t want to switch just to post a comment. Bad Behavior dos have a ‘whitelist’ facility for listing IP addresses to let through, so I suppose I could enter NTL’s proxy IP address ranges. Perhaps a better option would be to tweak the plugin so it grabs the visitor’s real IP address and not that of the proxy server (I may have a go if I have time). Better still would be for NTL to stop using transparent proxies, but I guess if they’ve over-sold their services that won’t be happening any time soon.

Leave a Reply