detect proxy visitors on site

Discussion in 'HOWTO-Related Questions' started by Chad, May 31, 2008.

  1. Chad

    Chad New Member

    I've Googled a few sites to get a simple script that will detect proxy users accessing your site through any proxy (anonymous or not).

    I've tried a few variations in my index.php file

    First, this one turned out blank on visit (direct, not through proxy)

    //Create object
    $def_attack = new DefensiveAttack(’’);
    //Set my IP address
    $XIP=new XIP();
    $ip =$XIP->IP['client']; // Find the IP received by the server
    $blacklist=implode(”, file(”blacklist.txt”)); // Load blacklist from the filesystem (a list of IP addresses)
    if ($XIP->CheckNet($blacklist, $XIP->IP['client'])) die(”Blacklisted Proxy DETECTED<br>”) ;
    // Check IP for Known open proxies. Uses SPAMCOP services to detect well-known spammers’ IP addresses
    $handle = @fopen(”$ip”, “rb”);
    $contents = ”;
    while (!feof($handle))
    $contents .= @fread($handle, 8192);
    if ( preg_match(”/$ip\s*listed in \w*\.spamcop\.net/”,$contents) )
    die(’IP Listed in Spamcop!’);
    if ($XIP->Proxy['detected'])
    die(”Proxy DETECTED<br>”) ;
    //Looking for proxy. Uses the other class.
    if ($def_attack->IsUseProxy())
    die(”You are using proxy<br>”);
    //Check referer if I do not want direct access to my site.
    if (false === $def_attack->CheckReferer())
    die (”Access deny. Direct access not allowed<br>”);
    This one took ages to load the page direct, not through proxy

    // start code
    // if getenv results in something, proxy detected
    if (getenv('HTTP_X_FORWARDED_FOR')) {
    // otherwise no proxy detected
    else {
    // print the IP address on screen
    echo $ip;
    if (
       || $_SERVER['HTTP_CLIENT_IP']
       || $_SERVER['HTTP_VIA']
       || in_array($_SERVER['REMOTE_PORT'], array(8080,80,6588,8000,3128,553,554))
       || @fsockopen($_SERVER['REMOTE_ADDR'], 80, $errno, $errstr, 30))
        exit('Proxy detected');
    I also want it to save the info to some local txt log file as well for future reference. Can someone please provide a decent method that won't affect load time, turn out blank, and even save to a log? I'd appreciate the help. Also, to be sure it does *not* block AOL members either.

    I'm using PHP 5x on Apache 2.2
  2. Leszek

    Leszek Member

    You could try this:

    [/COLOR][COLOR=#ff9900]// checking IP
    [/COLOR][COLOR=#006600]function [/COLOR][COLOR=#0000cc]IP_prawdziwe[/COLOR][COLOR=#006600](){ 
    if ([/COLOR][COLOR=#0000cc]$_SERVER[/COLOR][COLOR=#006600][[/COLOR][COLOR=#cc0000]'HTTP_X_FORWARDED_FOR'[/COLOR][COLOR=#006600]]) { 
        [/COLOR][COLOR=#0000cc]$ip_prawdziwe [/COLOR][COLOR=#006600]= [/COLOR][COLOR=#0000cc]$_SERVER[/COLOR][COLOR=#006600][[/COLOR][COLOR=#cc0000]'HTTP_X_FORWARDED_FOR'[/COLOR][COLOR=#006600]]; 
    else { 
      [/COLOR][COLOR=#0000cc]$ip_prawdziwe [/COLOR][COLOR=#006600]= [/COLOR][COLOR=#0000cc]$_SERVER[/COLOR][COLOR=#006600][[/COLOR][COLOR=#cc0000]'REMOTE_ADDR'[/COLOR][COLOR=#006600]]; 
    return [/COLOR][COLOR=#0000cc]$ip_prawdziwe[/COLOR][COLOR=#006600]; 
    and read the IP:
    [COLOR=#000000][COLOR=#0000cc]<?php [/COLOR][COLOR=#ff9900]
    [/COLOR][COLOR=#0000cc]$ip [/COLOR][COLOR=#006600]= [/COLOR][COLOR=#0000cc]IP_prawdziwe[/COLOR][COLOR=#006600](); 
    [/COLOR][COLOR=#006600]echo [/COLOR][COLOR=#0000cc]IP_prawdziwe[/COLOR][COLOR=#006600](); 
    It works but it doesn't always have to depending on the proxy.
  3. torrent

    torrent New Member

    If we talking about proxy headers, i know some source where i'm testing my proxy for anonymous level - php proxy headers, see most used proxy headers here...

    As usual if proxy with level "anonymous" (not elite), header HTTP_X_FORWARDED_FOR contain my IP.

Share This Page