User:Shadow1/Closed proxies

Summary
Due to Wikipedia's no open proxies policy, many editors are unable to edit pages because they are behind the Great Chinese Firewall. I propose that a WikiProject be established to aid editors in other countries in setting up password-protected proxies, and to help editors in China use these proxies.

Background
Wikipedia's no open proxies policy states that all open proxies will be hardblocked on sight to prevent abuse. Unfortunately, the Great Chinese Firewall is configured to deny users in China access to Wikipedia articles. Thus, the only way to read/edit articles is by using an open proxy. This is, of course, prohibited under the above policy. Worse, users who would normally use Tor to bypass the firewall are also denied access, because Tor editing is also prohibited.

Solution
Open proxies are hardblocked to prevent abuse. This is a good idea, and I support it. However, we also need to consider the needs of editors in China. So, if trusted users in China are given access to closed (password-protected) proxies, then they are able to bypass the Chinese Firewall and edit articles, all without violating Wikipedia policy!

Potential Problems
Of course, not all users that wish to use this project's servers will have good intentions. Since each server is expected to be run by its individual owner, it is the owner's responsibility to perform the following duties:
 * Ensure that all applicants to the proxy are well-known and established, or are actually from China and express a positive interest in editing.
 * Enact measures that will prevent malevolent editors from abusing the encyclopedia. This includes monitoring editors' accounts; disabling account creation (via mod_rewrite on Apache); password-protecting the proxy or other authentication measures; and denying repeat offenders an account on the proxy. A good idea would be to force applicants to email the operator using their ISP-provided email account, to verify that they're actually affected by the firewall.

Technical Details
Many solutions are available to support this proposal:


 * Squid proxy — A high-performance web cache, can authenticate users using many different backends.
 * Apache httpd — Apache has support for HTTP proxies via mod_proxy. This is the most lightweight solution, as setting up users and passwords is made trivial by text-based configuration files.
 * OpenVPN — While I haven't personally tested this yet, I believe it would make a great encrypted proxy.