Can't fix block information on an appeal due to server 405: Method not allowed error, possibly due to invalid blocking IP

[scarletcs]

Summary: I am unable to edit my IP ban appeal because the server fails with a 405 on attempting to submit the edit form. I'm not doing anything unusual, I'm just filling out the form.

I believe this may be specific to the actual IPv6 range under which I'm blocked because it doesn't appear to be valid, and the form doesn't handle this scenario well. I'm not sure how I'm blocked on Wikipedia under an invalid IP, but I am and still need to be able to appeal it somehow.

Some notes for my ban:

• The IP address I'm using in my appeal is an IPv4 address (the same one given to me by https://api64.ipify.org/).
• I'm blocked under an IPv6 address range. (One that may be invalid, as noted.)
• I am not knowingly using IPv6. https://whatismyipaddress.com/ does not detect an IPv6 address for me. https://ipv6-test.com/ also does not, and tells me IPv6 is not supported here.
• My appeal key starts with 6574c5e in case it helps identify any server logs related to this appeal.

Version on the page:

Unblock Ticket Request System (v2.3.1-security)

Full scenario

My residential IP address is blocked on Wikipedia under the IPv6 range ‪2A09:BAC1:0:0:0:0:0:0/32. The block appears to be incorrect—this is not a web host or colocation provider, it's just residential internet—so I appealed.

I submitted an unblock ticket request as offered in the block page. The appeal system cannot find the associated block and prompts me to edit my ticket to fix the block information. It's closed so I can't comment on the situation on the appeal itself.

I've attempted to follow that process by editing the block information as requested.

However when I hit submit, the submit fails with a 405: Method not allowed error. This happens regardless of browser: I've tried Firefox desktop, Chrome desktop, and Firefox android, so it definitely appears to be a server thing. This also happens if I leave out the "/32" at the end, just in case that was tripping it up.

If I hit back from the 405 error to return to the edit page, there will now be a form error saying “The hiddenip must be a valid IP address.” I've filled out all fields though. My IP address is definitely valid. The IPv6 range is as given on Wikipedia. There's nothing missing or incorrect here.

This appears to be specific to the “underlying IP” option and me specifying an IP. When I use the “I don't have an account option” and do not specify an IP, it submits OK, although my appeal is closed again automatically seconds later and returned to NOTFOUND status, so I need to fill out the “underlying IP” option specifically in order to progress my appeal.

This might be specific to my blocking IP as well. Page inspection reveals that “hiddenip” is the field describing the IP under which I am blocked. v6decode tells me that 2A09:BAC1:0:0:0:0:0:0 is not a valid IP address. Nevertheless, it's the IP Wikipedia tells me I'm blocked under.

Summarising my findings and feedback so far:

• The form validates that the blocked IP I supply is a valid IP address. It appears that if validation fails, this scenario is not handled gracefully with UI, but instead with a server error.
• It is possible (somehow) for Wikipedia to ban an invalid IP range, or a range associated with what is independently an invalid IP address, and people like me will (somehow) actually be banned. The ban appeal form needs to be able to handle this scenario and allow for appeals.
• The error UI for an invalid IP should be less cryptic. As a human reader viewing the form, it's not clear what form field “hiddenip” is referring to, and what I did wrong or what I can do to fix the form. I could only figure it out by opening the element inspector to investigate what was going on.

[scarletcs]

I've investigated a bit more and updated this issue. It might be specific to the IP under which I'm blocked because it's not a valid IP address.

How am I blocked under an invalid IP? Beats me, but it's the case.

[scarletcs]

I've since learned some additional information that might clarify some of the weirder parts of this block: an IP block on Wikipedia's system can stick for a few hours even after I switch off my Cloudflare VPN, hence why my residential IPv4 could appear to be blocked under an IPv6 range. The appeal system naturally couldn't find a block that was associated with the IPv4 address, because there wasn't one.

I've since managed to register after waiting for the better part of a day on another device.

I believe the actual parts of this issue are only as follows:

• The error scenario needs to be handled more gracefully so as to avoid a server error page.
• The error message should be clearer.
• I recommend the appeal system should account for and explain the situation that your block can “stick” for a while. The error message for that scenario could express a message like the following: “We can't find a block like that associated with this IP. Your IP might have changed, such as because you changed your VPN. Please wait a day before trying to edit Wikipedia and see if your block still applies then.” Knowing that would have helped me navigate this issue.

[dqwiki]

405's definitely should not be showing - this will have to be investigated. That said, I can always endeavor to make messages more clear like in you say in 1 and 2. I will have to consider 3 further.