Jump to content


Stop Proxy Servers

  • Please log in to reply
6 replies to this topic

#1 crimsonmoon

  • Members
  • PipPipPip
  • Advanced Member
  • 36 posts

Posted 06 July 2006 - 05:36 PM

I run a site where I don't allow my users to have multiple accounts. I watch out for this via pulling the IP address from PHP. Well I now have users using proxy server sites like this: http://freeproxyserver.net/  To get by my tracking methods.

Is there anything I can do to stop them from using these sites. Is there a list of proxy server IP's I could just block?

What does everyone else do?

If you IP Banned someone they could just go to one of these sites and they are back in.

#2 jvrothjr

  • Members
  • PipPipPip
  • Advanced Member
  • 300 posts
  • LocationOhio

Posted 06 July 2006 - 05:59 PM

Banning some one based on IP is not the best there is no true way to stop anyone from getting back in based on IP. For me I have cable modem connection and all i have to do to reset my IP is shut it down and restart it and I will get a new IP.
Plus the user can just go to another location and get back in...... you maybe able to Ban by Mac ID on the network card.  but this will lock that card out.

If you understand everything you know nothing!


#3 .josh

  • Staff Alumni
  • .josh
  • 14,871 posts

Posted 06 July 2006 - 07:19 PM

You can't get a mac address of someone unless you were local to them. The mac address is put into the IP packet at the 2nd level of the OSI model, its a physical address... once you go out through a router the mac address of the reported packet is changed, and is changed each and every time.. think of the mac as a "Return" address. You send out a packet and it goes across the country, and goes through 5 routers, the mac address on the packet will change each and every time it goes through a router, where the IP address won't. It's a type of routing code that the routers use to identify where the packet came from and where to send a response to.

Did I help you? Feeling generous? Buy me lunch! 
Please, take the time and do some research and find out how much it would have cost you to get your help from a decent paid-for source. A "roll-of-the-dice" freelancer will charge you $5-$15/hr. A decent entry level freelancer will charge you around $15-30/hr. A professional will charge you anywhere from $50-$100/hr. An agency will charge anywhere from $100-$250/hr. Think about all this when soliciting for help here. Think about how much money you are making from the work you are asking for help on. No, we do not expect you to pay for the help given here, but donating a few bucks is a fraction of the cost of what you would have paid, shows your appreciation, helps motivate people to keep offering help without the pricetag, and helps make this a higher quality free-help community :)

#4 crimsonmoon

  • Members
  • PipPipPip
  • Advanced Member
  • 36 posts

Posted 07 July 2006 - 08:42 PM

So pretty much there's no way to keep someone who causes trouble off my site.

#5 redarrow

  • Members
  • PipPipPip
  • Advanced Member
  • 7,308 posts
  • Locationlondon

Posted 07 July 2006 - 10:20 PM

what is the code you use see what the url is from the client.
Wish i new all about php DAM i will have to learn

#6 corbin

  • Staff Alumni
  • Advanced Member
  • 8,129 posts

Posted 07 July 2006 - 10:37 PM

Dont some proxies send something about being a proxy in a header?  I dont remember where i read that though so I'm probably wrong...
Why doesn't anyone ever say hi, hey, or whad up world?

#7 Crimpage

  • Members
  • PipPipPip
  • Advanced Member
  • 70 posts
  • LocationBrisbane, Australia

Posted 08 July 2006 - 12:03 AM

That would kind of defeat the purpose of using these proxies to hide / manipulate your IP Address... There is never a solid way to keep someone out of your website. There is always a way to pretend that you are someone else...

I'm not sure what your website does or how far people will go to create a new account, but here are a couple of things you could implement:
Log the IP address: You might as well, now with broadband and static IP addresses being more common, this is still a good start.

Require email verification / account activation: A lot of people only try to break / crack things because the oportunity is there. If you make a couple of extra hoops that they have to jump through to get it, some will just not bother... like me :)

Random character validation: You know the thing where is shows you 6 or so random characters so that you have to enter it in to stop people using programs that will automatically fill in forms etc... again, just another hoop.

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users