Hello everybody! I am looking for a solution for my website to prevent users from registering or logging in through proxy servers or abusing the system. Though I have made a proxy script using header detection methods and even socket opening, it's still not very efficient; many can still slip through it. So I am looking for help, if anybody can guide me on that or has a ready-made script which I can modify according to my needs. Thanks... Regards, Gonzo
amnezia, ya, that's the issue. My site is getting too many fraud leads, so I wanted to block it at the source level only. Gonzo
cgi proxy can, even if the server it is installed on doesn't have ssl enabled you can override its security settings. One thing you can do is open a socket on port 80 of the visiting address; domestic users rarely have web servers running at home and even fewer are accessible to the outside world, so the chances are if the socket connects to port 80 then the user is coming through a proxy on a webserver somewhere... actual proxies are different, but then they aren't used so much for abuse...
I would say the primary source of abuse is "actual proxies"; I'm pretty sure more fraudsters use IP-based proxies rather than proxy websites. They can be a lot quicker and less hassle, besides the fact it's a lot easier to catch people through bugs in the proxy scripts themselves.
Well, I blocked proxies from a hosting site with just opening sockets on port 80 and the rate of fraudulent orders has more or less disappeared, but I suppose it depends what you're selling...
Ya, it seems to work this way; a mixed bag of all the combinations suggested by those who replied to this thread can almost eliminate the chances of people slipping in through proxies.
1. Header detection method
2. Socket opening at port 80
3. Implementing SSL
4. IP banning of known proxies
This will take care of almost everything, though it will not be a 100% solution, but good enough to filter. Thanks everybody, Gonzo
Maybe take a look at MaxMind's minFraud system, I know they offer a very professional and high quality service with some of their other products.
But what about those servers running phproxy? Is there any way to block them? We can't, of course, use IPs... they are new all the time?
For example ....
http://krakjoe.com/no-proxies.php
http://www.scoobidoo.net/index.php?q=aHR0cDovL2tyYWtqb2UuY29tL25vLXByb3hpZXMucGhw&hl=2c8
http://www.proxapp.com/index.php?q=aHR0cDovL2tyYWtqb2UuY29tL25vLXByb3hpZXMucGhw&hl=3ed
http://www.freeproxyserver.net/inde...Wtqb2UuY29tL25vLXByb3hpZXMucGhw&hl=1111101001
They will all have the same result; any proxy that is hosted on a webserver, that page will block with ONE LINE OF CODE.

    <?php
    // Try to connect to port 80 on the visitor's address (1 second timeout).
    // A successful connection means a web server answers there, which is treated as a proxy.
    if ( @fsockopen( $_SERVER['REMOTE_ADDR'], 80, $errno, $errstr, 1 ) ) {
        die("I'm not letting you in");
    } else {
    ?>
    Hello normal user, thanks for not trying to use a proxy
    <?php
    }
    ?>
krakjoe, your method of preventing is good but not complete... OK, check this: http://anonym.to?http://krakjoe.com/no-proxies.php Gonzo
^^ Where's your point? All this page does is redirect to Joe's page. There's no kind of proxy involved. If you want to avoid this, all you can do is block the HTTP_REFERER, but don't even think of that, because there's no secure way of doing that. Because the referrer is sent by the browser (not all browsers send it), and it can be very easily faked. But honestly, why do you want to block referrers as well?
krakjoe, ya, I agree. Got it from the search result when I was testing your proxy link; it's just an anonym redirector to hide the referrer. Gonzo
krakjoe, nice one-liner. However, I get a false positive from your code if I don't use a proxy but I do turn IIS on (so port 80 is active). Granted, it is a bit unusual for a home user to do that, but some do. Looking at http://www.proxyserverprivacy.com/adv-free-proxy-detector.shtml I see that they don't have a false positive in my case. Do you know by any chance how they do that? Thanks.
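Added example, not written by any poster in this thread and not a description of how the detector site linked above works: one way to combine the checks listed earlier (header detection, port-80 probe, known-proxy list) into a score, so that an open port 80 alone, as in the IIS false positive just described, leads to extra verification rather than a block. The header list, weights, thresholds, function names and sample addresses are all assumptions.

```php
<?php
// Added example; the header list, weights and thresholds are assumptions.
const PROXY_HEADERS = ['HTTP_VIA', 'HTTP_X_FORWARDED_FOR', 'HTTP_FORWARDED', 'HTTP_CLIENT_IP'];

// True if something accepts TCP connections on port 80 of the visitor's address.
function port80_open(string $ip): bool
{
    $sock = @fsockopen($ip, 80, $errno, $errstr, 1);
    return $sock !== false && fclose($sock); // close the probe connection
}

// Score one request. $probe is injectable so the demo below runs offline;
// on a live site pass 'port80_open'.
function proxy_score(array $server, array $knownProxies, callable $probe): array
{
    $ip = $server['REMOTE_ADDR'] ?? '';
    if (filter_var($ip, FILTER_VALIDATE_IP) === false) {
        return ['score' => 100, 'reasons' => ['invalid REMOTE_ADDR']];
    }
    $checks = [
        ['address on known-proxy list', 60, in_array($ip, $knownProxies, true)],
        ['proxy header present', 50, (bool) array_intersect(PROXY_HEADERS, array_keys($server))],
        ['port 80 open', 30, (bool) $probe($ip)],
    ];
    $score = 0;
    $reasons = [];
    foreach ($checks as [$why, $weight, $hit]) {
        if ($hit) {
            $score += $weight;
            $reasons[] = $why;
        }
    }
    return ['score' => $score, 'reasons' => $reasons];
}

// 50 or more: block. 30 to 49: ask for extra verification. Below 30: allow.
$decide = fn(int $s): string => $s >= 50 ? 'block' : ($s >= 30 ? 'verify' : 'allow');

// Constructed requests (documentation-range addresses); the probe is stubbed.
$known = ['203.0.113.7'];
$stub = fn(string $ip): bool => in_array($ip, ['203.0.113.7', '198.51.100.20'], true);
$requests = [
    ['REMOTE_ADDR' => '198.51.100.20'],                         // home user running IIS
    ['REMOTE_ADDR' => '203.0.113.7'],                           // listed web proxy host
    ['REMOTE_ADDR' => '192.0.2.55', 'HTTP_VIA' => '1.1 cache'], // forwarding proxy
];
foreach ($requests as $r) {
    $res = proxy_score($r, $known, $stub);
    echo $r['REMOTE_ADDR'], ' => ', $decide($res['score']), ' (', implode('; ', $res['reasons']), ")\n";
}
```

The request headers are supplied by the client and can be omitted or faked, so they raise the score but their absence proves nothing.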