Chesso
May 17 2007, 05:35 PM
| | Hello, I have tried a few simple methods in PHP to detect and block proxies but it always fails (I tested on an easy to find online list, and not a single one was blocked, they all got the ok message).
It was only a simple X_FORWARD thingy, but even fromy my extensive searches, I find more information about how to get around detection, and not enough of how to detect lol.
Is there reasonable solution, aside from storing a massive list stamping the bandwidth into the ground (and not to mention page speed).
I don't know if the CPanel has anything included, but I am looking for a general solution (a mate of mine runs a site and needs this pretty bad).
Thanks  . |
Comment/Reply (w/o sign-up)
SilverFox
May 18 2007, 03:11 AM
Chesso I have a python script that blocks tor...but I know you hate python  This is something I also am interested in due to NH.
Comment/Reply (w/o sign-up)
Chesso
May 18 2007, 04:38 AM
Tor alone won't do much lol.
Comment/Reply (w/o sign-up)
SilverFox
May 18 2007, 04:26 PM
QUOTE Tor alone won't do much lol. If you need it for Comhack it'd do the job, but I'd recommend manual activation for that. Privox (cantbustme, hidemyass, 250.eu, etc) proxies almost never change so you can block them like normal IPs. As for other proxies, maybe have a script that is needed to view the site? Because most proxies block scripts.
Comment/Reply (w/o sign-up)
jumbo
May 20 2007, 02:21 AM
sounds cool. But some website can still detect it. Like microsoft.com or yahoo.com
Comment/Reply (w/o sign-up)
ethergeek
May 21 2007, 05:42 PM
I know some of the DNSBLs have known proxies in them for spam blocking...maybe you could do that? Another solution would be to try a port 80 connect() (this will also block people who have open web servers on their machines or something else listening there) to the client ip and if it gets back data, make them jump through a few hoops to get to the site. Or make them unable to post anonymously, etc. Think of why you want to do this...if it's an abuse issue, great, but keep in mind you'll block people who have network nazis at work and school.
Comment/Reply (w/o sign-up)
Chesso
May 21 2007, 10:39 PM
I wish to block anonymous proxies only. Why would someone in a legitimate circumstance require an anonymous one lol.
Comment/Reply (w/o sign-up)
SilverFox
May 22 2007, 02:18 AM
@ethergeek: If yo at school you have no bussniess logging onto most websites, epically those blocked. If your at work you need to be working. As a developer of a game where multiple accounts is a big no-no I find that blocking proxies would be great and important and that there is no need for anonymous proxies unless your doing something naughty.
Comment/Reply (w/o sign-up)
Chesso
May 22 2007, 02:54 AM
Well I'm sure there is a legitimate use but I can't think of one, and haven't heard of anyone using it for one so yeah lol.
Comment/Reply (w/o sign-up)
Quatrux
May 22 2007, 05:27 AM
I don't see any point of blocking a proxy connection, due to I myself sometimes use a proxy and it is usually not bad and there are reasons, of course, some anonymous proxies might be used to hack your site and that you wouldn't be able to find them, but usually if you will want to be hacked by some good guru/hardcore hacker, a php script which won't let a connection with a proxy won't help you a lot, in fact I doubt it will help.. anyway, here is my script I wrote some years ago to determine the right ip address of the user: CODE function getStats() {
global $s; // $s &= $_SERVER;
/* Get Info about User */
$stats['proxy'] = '';
$stats['info'] = $s['HTTP_USER_AGENT'];
$stats['page'] = $s['REQUEST_URI'];
$stats['method'] = $s['REQUEST_METHOD'];
/* Check Server Name */
if (!isset($s['SERVER_NAME'])) {
if (isset($s['HOSTNAME'])) {
$stats['server'] = $s['HOSTNAME'];
} elseif (isset($s['HTTP_HOST'])) {
$stats['server'] = $s['HTTP_HOST'];
} elseif (isset($s['SERVER_ADDR'])) {
$stats = $s['SERVER_ADDR'];
} else {
$stats['server'] = 'localhost';
}
} else {
$stats['server'] = $s['SERVER_NAME'];
}
/* Check http Proxy and IP Address */
if (isset($s['HTTP_X_FORWARDED_FOR'])) {
if (isset($s['HTTP_CLIENT_IP'])) {
$stats['proxy'] = $s['HTTP_CLIENT_IP'];
} else {
$stats['proxy'] = $s['REMOTE_ADDR'];
}
$stats['ip'] = $s['HTTP_X_FORWARDED_FOR'];
} elseif (isset($s['HTTP_CLIENT_IP'])) {
$stats['ip'] = $s['HTTP_CLIENT_IP'];
} else {
$stats['ip'] = $s['REMOTE_ADDR'];
}
# Return the Array
return $stats;
} and the usage of this is something like $stats = getStats(); and you'll get an array, to see what it has you can just do a print_r($stats); and thats all, this script was written years ago, maybe some headers appeared or something better, so a google search or a search in the manual might also help to improve it.
Comment/Reply (w/o sign-up)
iGuest
Mar 21 2009, 10:28 PM
I think anyone who wants to block anonymous proxies should have the right to do so. Regardless of what other people think about it.
After all, a websites content does belong to the owner of that website.If they want to block an anonymous proxy user from accessing their website it is up to them.
The "surfer" of a web site really does not have any rights when surfing websites.Only what the owner of the website allows. People tend to forget this and take it for granted.
Comment/Reply (w/o sign-up)
iGuest
Jan 28 2009, 07:08 PM
Anonymous Proxies
Proxy Detection And Blocking.
Lets just start by saying yes it is true that many people misuse anonymous proxies. (proxy chains, tor etc.) for purposes that are or may be illegal. And yes there are a lot of people who do this, but the same people who are the ones that pursue them are the ones who use them.
Let's face it there will always be censorship issues wherever in life. The Library computer, the Arab Internet, The Great Firewall of China are all good examples but what people don't realize is that there will always be a way around any firewall, honey pot, php, java script, or any other applet that anyone can create.
These Countries, Dictators and Network Administrators get by on the fact that the average person does not know how to exploit blacklisting. But more and more people become saavy everyday. The mantra "Knowledge is Power" has really reached an all new meaning in the 21st century. This has drawn an all new following. Looks like the script kiddies are growing up a little.
My point is Anonymous proxies not only serve the "guilty" ones but they also play an integral role in the internet. In fact would you go out to a restaurant flashing your ID or credit card number around? Thats basically what you are doing on a direct connection. A Hacker having your real IP address is like wrapping a bow around your box and installing a trojan. Especially if it is windows vista.
There really is no way to tell if the server you get the page from is the real thing anyways. Even a proxy cant help you with this only a good wiresniffing program can help you with an ARP Poisoning attack. Anonymous proxy would have at least bought you some time. Out of sight out of mind.
At least a proxy server gives you a slight advantage against hackers while you surf.
- "Some people call it paranoid, I call it prepared
- ReNeGaDe
Comment/Reply (w/o sign-up)
iGuest
Oct 17 2007, 04:45 PM
It doesn't matter whether any people here, right now, are living in China. Blocking proxies is a form of censorship. If you do, you take people's rights away. You can, you may, for "your server, your rules", just like the Chinese government can, for they set the rules in China. But no matter what the reasoning is, you're still taking away possibilities. Any assumption, be it "they are all criminals", "no user of mine lives in China", "most people do/are/want xxx anyways", will be not true for some subset. Denying this means you are being untruthful about what you are doing. For this reason I find your points and your unverifyable percentages particularly dishonest. I'm not saying you can't block: I already said you can. I am saying any justification will be at least partly not true; there will be collateral damage. Question is, are you willing to live with what you're doing to your userbase? In case you haven't stopped reading: I don't care at all whether you block. I do take offense at the backhanded reasoning. Just accept that you are censoring and be up front about it. -Hunter
Comment/Reply (w/o sign-up)
SilverFox
May 22 2007, 09:52 PM
1. Do any of us live in China? I rest my case. 2. The answer to things like china is forcible revolution not proxies. 3. Using a German proxy won't tell you how fast from Germany as you have to connect to the proxy. 4. Open proxies can do just as good. You don't need anon. proxies. 5. Most people have PCs anyways at home and don't need to use their school one for anything but BS. Tor is not blocked by an ISP and if your ISP doesn't want you getting it then get a new damn ISP. If I was an ISP I would like people following my guidelines. Look at it from their point of view. In 90% of all sites proxies that are anon. are not legitimate, epically in an online browser game.
Comment/Reply (w/o sign-up)
Chesso
May 22 2007, 03:11 PM
In an online web browser game? (the purpose of this blocking of anonymous proxies). School, Work or College: Shouldn't be playing it here anyway. ISP Blocking sites: Who's problem is that? not mine lmao. I know of, have played and participated (as staff) in a few such games and haven't heard of a single person with a legitimate excuse for using an anonymous proxy. English sites don't tend to attract germans, arabs or chinese (within there respective countries)...... unless of course they have a good command of the english language.
Comment/Reply (w/o sign-up)
Similar Topics
Keywords : Proxy Detection Blocking
Looking for proxy, detection, blocking,
|
See Also,
*SIMILAR VIDEOS*
Searching Video's for proxy, detection, blocking,
|
advertisement
|
|
