Keep in mind only the $_SERVER[“REMOTE_ADDR”] variable is set by your webserver. All the others, are user defined variables. This means they can contain any value the user chooses, so it may not be a real ip address, nor may it look like an ip at all.
Different proxy’s along the way may choose different names for any ip they may forward. So just because the proxy you choose happens to use a certain name, doesn’t mean others will use the same name.
There is the small problem of blocking entire ISP’s that make heavy use of proxies though, most notably AOL (unless they restructured sometime in the last 5 years). Also, IPv4 is exhausted, so proxies and NAT’s are going to become increasingly more common. As a result this stance is untenable.
There are certainly legitimate reasons for using a proxy. There are even more reasons to block them from your website though. Traffic from data centers isn’t going to make your advertisers happy. If you run an e-commerce site, there is no legit reason why a user would need to hide behind a proxy, especially if they are making purchases.
Mind you, I’m not referring AOL or networks mentioned in my post above. There are some networks to be mindful of so false positives aren’t produced.
I deliberately run a Squid caching proxy at work… because we have limited internet bandwidth available. That is a perfectly normal, and acceptable use. Plenty of businesses and other places run proxies as a filter as well, to stop people doing things they shouldn’t, or to virus scan all inbound data. Thats not ‘hiding’, thats just using the internet.
I’m not saying people don’t hide behind proxies, they do, but blocking ALL isn’t the answer.