Webdigity Webmaster Forums - prevent submission via proxy

olaf

Sat 13 October 2007, 12:39 am GMT +0200

Hi,

I found some code to check if someone is visiting your page via a proxy:

if (
      $_SERVER['HTTP_X_FORWARDED_FOR']
   || $_SERVER['HTTP_X_FORWARDED']
   || $_SERVER['HTTP_FORWARDED_FOR']
   || $_SERVER['HTTP_VIA']
   || in_array($_SERVER['REMOTE_PORT'], array(8080,80,6588,8000,3128,553,554))
   || @fsockopen($_SERVER['REMOTE_ADDR'], 80, $errno, $errstr, 30))
{
    exit('Proxy detected');
}
?>

but it looks to me that its not working.

Actually I want that people can't submit my form if they are using a web proxy (phproxy or cgiproxy)

is this possible? I know that no headers are send with those anonymous proxies

Nikolas

Sat 13 October 2007, 12:42 am GMT +0200

There is always a solution :)

http://www.maxmind.com/app/proxy

olaf

Sat 13 October 2007, 12:45 am GMT +0200

Quote from: Nikolas on Oct 13, 2007, 12:42:46 am

There is always a solution :)

http://www.maxmind.com/app/proxy

is there a free solution?

Nikolas

Sat 13 October 2007, 12:57 am GMT +0200

There are many free lists, but none is updated enough. This one from maxmind is the best around.

olaf

Sat 13 October 2007, 12:59 am GMT +0200

so I need a list to block web proxies?

Nikolas

Sat 13 October 2007, 01:13 am GMT +0200

In my opinion if you want a professional solution you need MaxMind's API. As they know the real owner of almost every ip address they can for sure determine if one is a proxy or not :)

olaf

Sat 13 October 2007, 07:47 am GMT +0200

I create a new form using Ajax for submission ;)

Nikolas

Sat 13 October 2007, 10:13 am GMT +0200

That's a good one, but make sure that it wont work from javascript enabled proxies :)

olaf

Sat 13 October 2007, 10:17 am GMT +0200

Quote from: Nikolas on Oct 13, 2007, 10:13:12 am

That's a good one, but make sure that it wont work from javascript enabled proxies :)

yeah I know, its more about the people using proxies and automated scripts ;)