HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   HOWTO-Related Questions (http://www.howtoforge.com/forums/forumdisplay.php?f=2)
-   -   detect proxy visitors on site (http://www.howtoforge.com/forums/showthread.php?t=23800)

Chad 31st May 2008 21:19

detect proxy visitors on site
 
I've Googled a few sites to get a simple script that will detect proxy users accessing your site through any proxy (anonymous or not).

I've tried a few variations in my index.php file

First, this one turned out blank on visit (direct, not through proxy)

Code:

<?php
require_once(’class.php4.DefensiveAttack.php’);

//Create object
$def_attack = new DefensiveAttack(’my.sitename.com’);

//Set my IP address
$def_attack->SetMyIpAddress(’SERVER_IP’);

require(’class.XIP.php’);
$XIP=new XIP();

$ip =$XIP->IP['client']; // Find the IP received by the server

$blacklist=implode(”, file(”blacklist.txt”)); // Load blacklist from the filesystem (a list of IP addresses)
if ($XIP->CheckNet($blacklist, $XIP->IP['client'])) die(”Blacklisted Proxy DETECTED<br>”) ;

// Check IP for Known open proxies. Uses SPAMCOP services to detect well-known spammers’ IP addresses
$handle = @fopen(”http://www.spamcop.net/w3m?action=checkblock&ip=$ip”, “rb”);
stream_set_timeout($handle,$timeout);
$contents = ”;
while (!feof($handle))
{
$contents .= @fread($handle, 8192);
}
fclose($handle);
if ( preg_match(”/$ip\s*listed in \w*\.spamcop\.net/”,$contents) )
{
die(’IP Listed in Spamcop!’);
}

if ($XIP->Proxy['detected'])
{
die(”Proxy DETECTED<br>”) ;
}
//Looking for proxy. Uses the other class.
if ($def_attack->IsUseProxy())
{
die(”You are using proxy<br>”);
}

//Check referer if I do not want direct access to my site.
if (false === $def_attack->CheckReferer())
{
die (”Access deny. Direct access not allowed<br>”);
}

?>

This one took ages to load the page direct, not through proxy

Code:

<?php
// start code

// if getenv results in something, proxy detected

if (getenv('HTTP_X_FORWARDED_FOR')) {
$ip=getenv('HTTP_X_FORWARDED_FOR');
}

// otherwise no proxy detected

else {
$ip=getenv('REMOTE_ADDR');
}

// print the IP address on screen
echo $ip;
if (
      $_SERVER['HTTP_X_FORWARDED_FOR']
  || $_SERVER['HTTP_X_FORWARDED']
  || $_SERVER['HTTP_FORWARDED_FOR']
  || $_SERVER['HTTP_CLIENT_IP']
  || $_SERVER['HTTP_VIA']
  || in_array($_SERVER['REMOTE_PORT'], array(8080,80,6588,8000,3128,553,554))
  || @fsockopen($_SERVER['REMOTE_ADDR'], 80, $errno, $errstr, 30))
{
    exit('Proxy detected');
}
?>

I also want it to save the info to some local txt log file as well for future reference. Can someone please provide a decent method that won't affect load time, turn out blank, and even save to a log? I'd appreciate the help. Also, to be sure it does *not* block AOL members either.

I'm using PHP 5x on Apache 2.2

Leszek 1st June 2008 01:10

You could try this:

Code:

<?php

// checking IP
function IP_prawdziwe(){

if (
$_SERVER['HTTP_X_FORWARDED_FOR']) {
   
$ip_prawdziwe = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
else {
 
$ip_prawdziwe = $_SERVER['REMOTE_ADDR'];
}

return
$ip_prawdziwe;
}

?>

and read the IP:
Code:

<?php
$ip = IP_prawdziwe();
echo IP_prawdziwe();
?>

It works but it doesn't always have to depending on the proxy.

torrent 14th April 2009 22:35

If we talking about proxy headers, i know some source where i'm testing my proxy for anonymous level - php proxy headers, see most used proxy headers here...

As usual if proxy with level "anonymous" (not elite), header HTTP_X_FORWARDED_FOR contain my IP.

proxybuy 3rd May 2012 14:59

Thanks for helpful information .


All times are GMT +2. The time now is 00:37.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.