I used to ahve a script that would check to see if someone had a real ip address if they entered my site via a proxy. However it is not working properly anymore. port 80 and other direct ip proxys i know will not be blocked. what im looking to do is block them from entering if they have a real ip address. Or at least pop up a notification we are logging you entering the site under "proxy" with your real ip being "x" I have my own logging system tied to my current system already. But not picking it up. I think it was a change in the server not sure. php 4.4.1 Any suggestions or snippets anyone can share? Thanks in advance. Tj
# Mod to report anonymous Proxy if ($HTTP_X_FORWARDED_FOR) { $emailrecipient="emailhere@a.com"; $message="User: $user["username"]\nConnected Via: $HTTP_VIA - $REMOTE_ADDR\n" . "Real IP: $HTTP_X_FORWARDED_FOR\n" . "Email: $user["email"]"; mail($emailrecipient, "Proxy login on Site Name", $message, "From: emailhere@a.com\r\n" . "Reply-To: emailhere@a.com\r\n" . "X-Mailer: PHP/" . phpversion()); } # End of mod PHP: I had a statement that used same to edit out login area if not using real ip address. However it seemed to block even those that only had a proxy connection. Any ideas? TJ
That script's only going to detect proxies which add a forwarding header. Anonymous proxies won't bother adding that header and you'll not catch them anyway. All you're going to catch are people sat behind genuine ISP firewalls and the like, not people trying to use stealth. So, you're gonna piss off innocent people and not stop illicit ones.
See original post. I think you might have forgot what i was asking. I said it somewhat works. However not in the manner I want it to and if anyone had ideas how I could pick it up. TJ