slyte33 Posted March 3, 2010 Share Posted March 3, 2010 I've searched google for hours and finally found a code that has blocked over 50+ proxies that i've tried from accessing my site: if( @fsockopen( $_SERVER['REMOTE_ADDR'], 80, $errstr, $errno, 1 ) ) { echo "Not allowed, using proxy!"; ext(); } What I am asking is, how effective is this? Can it be bypassed or anything? All help on this would be appreciated, thanks! Quote Link to comment Share on other sites More sharing options...
ferdi Posted March 3, 2010 Share Posted March 3, 2010 Well, that would work for HTTP proxies, that are web-based. There are also Socks proxies, and some other's using different ports. Here are some other commonly used ports by proxies: 80 88 443 554 808 1080 3124 3127 3128 3246 6588 8000 8008 8080 8085 8088 8118 9188 36673 Quote Link to comment Share on other sites More sharing options...
ferdi Posted March 3, 2010 Share Posted March 3, 2010 Sorry, but I don't reply with PM's. You could use this to search with each port; <?php $ports = array(80, 88, 443, 554, 808, 1080, 3124, 3127, 3128, 3246, 6588, 8000, 8008, 8080, 8085, 8088, 8118, 9188, 36673); foreach($ports as $port) { if (@fsockopen( $_SERVER['REMOTE_ADDR'], $port, $errno, $errstr, 1)) $proxy = true; } if (!empty($proxy)) { echo 'You have been detected to be using a proxy!<br />Please contact an administrator if you feel this is incorrect.'; exit; } Just to make something more clear, even with just those commonly used ports it would take 19 seconds to check. I'd suggest caching the valid IP's somewhere after validation. Quote Link to comment Share on other sites More sharing options...
lAZLf Posted March 3, 2010 Share Posted March 3, 2010 I've had some problems with spammers using proxy servers myself. I tried using "fsockopen()", and it worked. On the other hand loading time for my website went from roughly 1.5 seconds to nearly 25 seconds!! Is there anyway around this??? Quote Link to comment Share on other sites More sharing options...
ferdi Posted March 3, 2010 Share Posted March 3, 2010 Not while using fsockopen, it actually has to try and connect to that certain port, and... wait. But as I said, just validate each IP once, and store it. Quote Link to comment Share on other sites More sharing options...
Cory94bailly Posted March 4, 2010 Share Posted March 4, 2010 But what if the user is running a home server (publicly) or has those ports open (for any reason)? They will be banned for no reason. Quote Link to comment Share on other sites More sharing options...
ferdi Posted March 4, 2010 Share Posted March 4, 2010 Well, those are really unusual ports for any browser. Browsers ports are usually very high in range value. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.