Page 1 of 1

Blocking proxy users?

Posted: Tue Dec 01, 2009 4:39 pm
by fingers
Hi

I have exhausted the Internet for a effective blocking system. I want to block proxy users.

I have tried;

htaccess

RewriteEngine on
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule .* - [F]



Does not work!

PHP

if (
$_SERVER['HTTP_X_FORWARDED_FOR'] ||
$_SERVER['HTTP_X_FORWARDED'] ||
$_SERVER['HTTP_FORWARDED_FOR'] ||
$_SERVER['HTTP_CLIENT_IP'] ||
$_SERVER['HTTP_VIA'] ||
in_array($_SERVER['REMOTE_PORT'], array(8080,80,6588,8000,3128,553,554)) ||
@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errno, $errstr, 30))
{
exit('Proxy detected');
}

else


Works, but when not coming from a proxy it loads the page very very slow.

I have a linux server, does anyone have any suggestions please?

Thanks.

Re: Blocking proxy users?

Posted: Tue Dec 01, 2009 4:52 pm
by John Cartwright
You are fighting a war that cannot be won. Transparent proxies are undetectable, and it is up to the proxy to display information of whether it is a proxy connection or not.

However, the reason why your script is running slow is because you are attempting to open a connection with the connecting IP address on port 80 with a timeout of 30 seconds. 99.99% of the time this will result in the 30 second timeout triggering because the rarely will this connection be successful. Basically, this is not a good idea.

Your best bet is to sign up with a service that specializes in collecting the IP ranges of known proxies, and check if the IP exists in such a database.

Re: Blocking proxy users?

Posted: Tue Dec 01, 2009 6:33 pm
by fingers
were can i find this service ? As i cant seam to find it using google.

Re: Blocking proxy users?

Posted: Tue Dec 01, 2009 6:48 pm
by John Cartwright
I don't know any off hand, however, it's quite simple to develop a scraper to search the internet for *working* public proxies. (which we did quite successfully for another project).

I do know such services exist, but I wasn't able to locate any either after a quick google.

Re: Blocking proxy users?

Posted: Wed Dec 02, 2009 1:48 am
by fingers
mmm, this is a big problem for many websites so how is it there seems to be no clear solution.? I wonder if i am missing something?

Re: Blocking proxy users?

Posted: Wed Dec 02, 2009 1:59 am
by John Cartwright
fingers wrote:mmm, this is a big problem for many websites so how is it there seems to be no clear solution.? I wonder if i am missing something?
No, you are not missing anything, but you have to understand the nature of a proxy. By design, their are meant to disguise the user's identity, and often enough, their own identity. It is 100% up to the proxy to signify if the client connection has been proxied or if the proxy is completely transparent.

There is no magical way to detect such a thing.

Re: Blocking proxy users?

Posted: Wed Dec 02, 2009 2:43 am
by Apollo
As mentioned already, most proxies do NOT reveal any information like PROXY_CONNECTION, X_FORWARDED_FOR, etc, because their very purpose is to hide the fact that they're hiding someone else.
fingers wrote:were can i find this service ? As i cant seam to find it using google.
For example: http://www.ip2proxy.com/

But remember that even such paid services are not 100% proxy proof. There are always new proxies appearing, or other anonymity services (such as TOR), which can by definition of their purpose, not be recognized as such.

Re: Blocking proxy users?

Posted: Wed Dec 02, 2009 6:18 am
by fingers
This is the best I have got so far;

<?php
if(@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errorstring, $errno, 1))
{
header("location:http://www.404page.php");
}
?>

Seems to work with nearly all proxies I have found, not all but a great deal, this remains undetected however megaproxy.com/freesurf/.

It is very fast when there is no proxy so I feel this is quite a good stop gap, better than nothing anyhow. ip2proxy.com is a better option but the cost they want is a little over the top I feel for our problem at the mo.

Re: Blocking proxy users?

Posted: Wed Dec 02, 2009 6:47 am
by Apollo
Then again, is it really that big a problem that people can visit you anonymously?

Re: Blocking proxy users?

Posted: Wed Dec 02, 2009 7:09 am
by fingers
Very true, but it goes a little way to reducing the pond scum activity we do not want.

The best proxy services that will get through are NOT free and this filters out quite a big % of the passing scum.

ip2proxy.com is VERY expensive and I have no doubt there are much cheeper systems to do the same,

the search continues.