SitePoint Sponsor

User Tag List

Results 1 to 13 of 13
  1. #1
    SitePoint Wizard GoldFire's Avatar
    Join Date
    Oct 2002
    Location
    Oklahoma City, OK
    Posts
    1,517
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Arrow PHP Proxy Detection

    The ability to detect proxies can be very useful, and I was looking for a solution a while back, but found nothing. I was just browsing today and stumbled upon this page that offers a solution.

    http://www.frostjedi.com/terra/scripts/proxy.php

    I test their demo script on the site and it seems to work great. I figured I would share this and also ask for others to test the script out to see if there are any faults in it. I am running some tests on it right now and would like to see other's feedback before I try and impliment their script into any of my sites.

  2. #2
    SitePoint Wizard Dylan B's Avatar
    Join Date
    Jul 2004
    Location
    NYC
    Posts
    1,150
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    If you're planning on blocking proxies, don't. Some people need to use them to get on-- like Libraries.

  3. #3
    SitePoint Wizard GoldFire's Avatar
    Join Date
    Oct 2002
    Location
    Oklahoma City, OK
    Posts
    1,517
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well I realise this, but there seems to be a lot of cheating going on with top game site lists such as mine and one of them is able to filter votes that are made through proxies. They don't just claim to be able to, I have tested it to see if their scripts really do, and in fact the vote was not counted when I was using a proxy.

    Also, there could be other uses for proxy detection besides blocking people.

  4. #4
    SitePoint Wizard Dylan B's Avatar
    Join Date
    Jul 2004
    Location
    NYC
    Posts
    1,150
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    So libraries wouldn't be able to vote in your poll?

  5. #5
    SitePoint Wizard GoldFire's Avatar
    Join Date
    Oct 2002
    Location
    Oklahoma City, OK
    Posts
    1,517
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Wow, why do I always get attacked whenever I try to help out and post something that might be useful to someone? I might as well quit, nobody ever appreciates any of it.

  6. #6
    SitePoint Wizard Dylan B's Avatar
    Join Date
    Jul 2004
    Location
    NYC
    Posts
    1,150
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    I'm not attacking, I'm just trying to find a different way around it. Proxy hunting isn't reliable.

    It's like saying "There's a criminal wearing jeans, so we're going to arrest everyone who is wearing denim." It just doesn't make sense.

  7. #7
    SitePoint Wizard GoldFire's Avatar
    Join Date
    Oct 2002
    Location
    Oklahoma City, OK
    Posts
    1,517
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well there isn't a way to get someone's real IP from under a proxy is there?

  8. #8
    SitePoint Wizard Dylan B's Avatar
    Join Date
    Jul 2004
    Location
    NYC
    Posts
    1,150
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    No, there isn't.

    This is an issue that people have dealt with for years. What they have ended doing, is use a combination of IP logging and cookies-- which are both easy to get around.

    There is no real way to solve this short of having user accounts.

  9. #9
    Twitter: @TimIgoe silver trophy TimIgoe's Avatar
    Join Date
    Feb 2005
    Location
    Blackpool, UK
    Posts
    1,058
    Mentioned
    27 Post(s)
    Tagged
    1 Thread(s)
    look at $_SERVER['REMOTE_ADDR'] and $_SERVER['HTTP_X_FORWARDED_FOR']

    most proxies send the 'http_x_forwarded_for' which tells you the IP behind the proxy.

    Some proxies have this disabled and thus don't send the hidden IP but most 'normal' ones do.

  10. #10
    SitePoint Wizard GoldFire's Avatar
    Join Date
    Oct 2002
    Location
    Oklahoma City, OK
    Posts
    1,517
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)
    Well that isn't very reliable either. I just tested it with a proxy in firefox and it didn't even show anything for HTTP_X_FORWARDED_FOR. Of course the proxy I am using is high anonymity, sot hat could be the problem.

  11. #11
    Twitter: @TimIgoe silver trophy TimIgoe's Avatar
    Join Date
    Feb 2005
    Location
    Blackpool, UK
    Posts
    1,058
    Mentioned
    27 Post(s)
    Tagged
    1 Thread(s)
    Yes, thats the problem - for a normal Squid / MS proxy setup it works fine (i've tried it - even behind 1 MS proxy AND 1 squid proxy it still had my internal address)

    High anonymity proxies are the problem - there isn't really any way you can detect successfully - trust me, i tried when working on Planetarion.

    I suppose you could try opening a socket to 'common' ports on the proxy? (check if it is a proxy by probing ports 3128 / 8080 etc)

  12. #12
    SitePoint Member
    Join Date
    Jun 2005
    Posts
    1
    Mentioned
    0 Post(s)
    Tagged
    0 Thread(s)

    Cool

    I found this which will give the REAL AOL User IP - even if they're using the AOL Browser!

    http://www.auditmypc.com/whats-my-ip.asp

    Wish i knew how they do it !!!

  13. #13
    Twitter: @TimIgoe silver trophy TimIgoe's Avatar
    Join Date
    Feb 2005
    Location
    Blackpool, UK
    Posts
    1,058
    Mentioned
    27 Post(s)
    Tagged
    1 Thread(s)
    That failed for me - i'm behind a squid based proxy here


Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •