Jump to content
xisto Community
Chesso

Proxy Detection And Blocking.

Recommended Posts

Hello, I have tried a few simple methods in PHP to detect and block proxies but it always fails (I tested on an easy to find online list, and not a single one was blocked, they all got the ok message).It was only a simple X_FORWARD thingy, but even fromy my extensive searches, I find more information about how to get around detection, and not enough of how to detect lol.Is there reasonable solution, aside from storing a massive list stamping the bandwidth into the ground (and not to mention page speed).I don't know if the CPanel has anything included, but I am looking for a general solution (a mate of mine runs a site and needs this pretty bad).Thanks B).

Share this post


Link to post
Share on other sites

Tor alone won't do much lol.

If you need it for Comhack it'd do the job, but I'd recommend manual activation for that.
Privox (cantbustme, hidemyass, 250.eu, etc) proxies almost never change so you can block them like normal IPs.

As for other proxies, maybe have a script that is needed to view the site? Because most proxies block scripts.
Edited by SilverFox (see edit history)

Share this post


Link to post
Share on other sites

I know some of the DNSBLs have known proxies in them for spam blocking...maybe you could do that? Another solution would be to try a port 80 connect() (this will also block people who have open web servers on their machines or something else listening there) to the client ip and if it gets back data, make them jump through a few hoops to get to the site. Or make them unable to post anonymously, etc.Think of why you want to do this...if it's an abuse issue, great, but keep in mind you'll block people who have network nazis at work and school.

Edited by ethergeek (see edit history)

Share this post


Link to post
Share on other sites

@ethergeek: If yo at school you have no bussniess logging onto most websites, epically those blocked. If your at work you need to be working. As a developer of a game where multiple accounts is a big no-no I find that blocking proxies would be great and important and that there is no need for anonymous proxies unless your doing something naughty.

Share this post


Link to post
Share on other sites

I don't see any point of blocking a proxy connection, due to I myself sometimes use a proxy and it is usually not bad and there are reasons, of course, some anonymous proxies might be used to hack your site and that you wouldn't be able to find them, but usually if you will want to be hacked by some good guru/hardcore hacker, a php script which won't let a connection with a proxy won't help you a lot, in fact I doubt it will help.. anyway, here is my script I wrote some years ago to determine the right ip address of the user:

function getStats() {	global $s; // $s &= $_SERVER;	/* Get Info about User */	$stats['proxy'] 	= '';	$stats['info'] 	= $s['HTTP_USER_AGENT'];	$stats['page'] 	= $s['REQUEST_URI'];	$stats['method'] 	= $s['REQUEST_METHOD'];	/* Check Server Name */	if (!isset($s['SERVER_NAME'])) {		if (isset($s['HOSTNAME'])) {			$stats['server'] = $s['HOSTNAME'];		} elseif (isset($s['HTTP_HOST'])) {			$stats['server'] = $s['HTTP_HOST'];		} elseif (isset($s['SERVER_ADDR'])) {			$stats = $s['SERVER_ADDR'];		} else {			$stats['server'] = 'localhost';		}	} else {		$stats['server'] = $s['SERVER_NAME'];	}	/* Check http Proxy and IP Address */	if (isset($s['HTTP_X_FORWARDED_FOR'])) {		if (isset($s['HTTP_CLIENT_IP'])) {			$stats['proxy'] = $s['HTTP_CLIENT_IP'];		} else {			$stats['proxy'] = $s['REMOTE_ADDR'];		}		$stats['ip'] = $s['HTTP_X_FORWARDED_FOR'];	} elseif (isset($s['HTTP_CLIENT_IP'])) {		$stats['ip'] = $s['HTTP_CLIENT_IP'];	} else {		$stats['ip'] = $s['REMOTE_ADDR'];	}	# Return the Array	return $stats;}

and the usage of this is something like $stats = getStats(); and you'll get an array, to see what it has you can just do a print_r($stats); and thats all, this script was written years ago, maybe some headers appeared or something better, so a google search or a search in the manual might also help to improve it. B)

Share this post


Link to post
Share on other sites

Yeah iv'e tried those methods, they'll catch public open proxies, but they aren't the problem.These websites cop multiple accounts from people using anonymous proxy sign ups (MANY multiple accounts) to get ahead in the game.If they use a public open proxy then I can know what there real IP is and if they already have an account, or other general trace.But an anonymous one hides it, so I can't tell if they are legitimate or not.

Share this post


Link to post
Share on other sites

there is no need for anonymous proxies unless your doing something naughty.

That's complete *BLEEP*. Anonymous proxies are great for all kinds of things that are perfectly legal and acceptable behavior. You're projecting the actions of the few who abuse them onto the many that don't.

Example, let's say you're in a country with a restrictive regime that blocks most web sites, including world news (like the Arab countries, and China). Known proxies are quickly found and added to the block list at the ISP edges, so the only ones that work for them are the anonymous ones that people put up.

Another example, let's say (in my case when I was in high school) I wanted to read the Starr report at school, as part of a report that already got my instructor's approval for the controversial content matter. The library computers there could not pull up any part of the report because it contained sexually charged language and the staff at the library did not know how to fix it, since the firewall operated at the district level. An anonymous proxy is what got me through that.

Final example, let's say I want to see how fast my site loads for someone in say, Germany. I use a German proxy to fetch the page and time it, then I subtract the time it takes to load the same amount of data from the proxy page itself.

In closing, there are many legitimate uses of anonymous proxies, and some people use them simply because they're paranoid. Either way, when you block them you cut off a segment of your visitors/customers. Just something to keep in mind.

Share this post


Link to post
Share on other sites

In an online web browser game? (the purpose of this blocking of anonymous proxies).School, Work or College: Shouldn't be playing it here anyway.ISP Blocking sites: Who's problem is that? not mine lmao.I know of, have played and participated (as staff) in a few such games and haven't heard of a single person with a legitimate excuse for using an anonymous proxy.English sites don't tend to attract germans, arabs or chinese (within there respective countries)...... unless of course they have a good command of the english language.

Edited by Chesso (see edit history)

Share this post


Link to post
Share on other sites

1. Do any of us live in China? I rest my case. 2. The answer to things like china is forcible revolution not proxies.3. Using a German proxy won't tell you how fast from Germany as you have to connect to the proxy.4. Open proxies can do just as good. You don't need anon. proxies.5. Most people have PCs anyways at home and don't need to use their school one for anything but BS.Tor is not blocked by an ISP and if your ISP doesn't want you getting it then get a new damn ISP. If I was an ISP I would like people following my guidelines. Look at it from their point of view.In 90% of all sites proxies that are anon. are not legitimate, epically in an online browser game.

Edited by SilverFox (see edit history)

Share this post


Link to post
Share on other sites

It doesn't matter whether any people here, right now, are living in China. Blocking proxies is a form of censorship. If you do, you take people's rights away. You can, you may, for "your server, your rules", just like the Chinese government can, for they set the rules in China. But no matter what the reasoning is, you're still taking away possibilities. Any assumption, be it "they are all criminals", "no user of mine lives in China", "most people do/are/want xxx anyways", will be not true for some subset. Denying this means you are being untruthful about what you are doing. For this reason I find your points and your unverifyable percentages particularly dishonest.I'm not saying you can't block: I already said you can. I am saying any justification will be at least partly not true; there will be collateral damage. Question is, are you willing to live with what you're doing to your userbase?In case you haven't stopped reading: I don't care at all whether you block. I do take offense at the backhanded reasoning. Just accept that you are censoring and be up front about it.-Hunter

Share this post


Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now

×
×
  • Create New...

Important Information

Terms of Use | Privacy Policy | Guidelines | We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.