Proxy Servers

[bungo]

Is there any way to block people using Proxy Servers from accessing your site? Some silly child was constantly refreshing my hit counter (in excess of 3000 hits per day) so I banned his IP. Now it is continuing to go up, and logs show that it is online proxy servers that are generating all these hits.

Do I have to go through *every* proxy server on the web to block it's IP or is there a simpler way?

Thanks
Bungo

 

[Paul_KY]

Bungo,

Sadly, the poor chap most likely has access to thousands of proxy servers. I'm not sure if anything can be done, but I wouldn't doubt if someone here knew a trick or two.

 

[bungo]

Yes, there's at least 75 different proxies he's using, and banning their IP's one by one will take ages, and then he's always going to be one step ahead of me, I can't ban it until he uses it.

He's also targetting any downloads on my site to eat up my bandwidth, so I've had to disable downloads and the hit counter until I can resolve this.

Any help much appreciated!
Bungo

 

[Duke]

Too bad you can't report the little tard to his ISP and have them deal with it.

 

[bungo]

I was thinking about that, but has he actually done anything wrong?
As far as I can see, all he's doing is opening a webpage through different proxy servers. Is that illegal? It's certainly bloody annoying, but I'm not too sure of the legal side of things.

I put his IP through an IP Lookup, and got "user-2480.l5.c5.dsl.pol.co.uk" returned. How do I find what his ISP is? I may as well fire off an e-mail anyway, see if they reply with anything useful.

Thanks a lot.
Bungo

 

[stealthhosts]

I can help you with this, you can prevent proxies being used at all to access your site.

Thing is that you may restrict valid visitors. Let me know if you want the script

 

[bungo]

Thanks Stealthhosts, would like to see that script.

 

[stealthhosts]

I just had a look to try and find it, the one I had was a module we did for PHP-Nuke.

I had a root and found a detection script we can probably modify to do the job.

Do you want to test it, let me kno if it works as desired and then I can look at coding it to redirect them to lamer.com or something

<?php

echo "Starting Proxy Detection System<br><br>";

#Here you can call a function to check if the IP is blocked
#and if not then continue to the IF statement

if ($HTTP_X_FORWARDED_FOR)
{
echo "Warring: You might be using a proxy server to connect us<br><br>";
echo "Connected Via: " . $HTTP_VIA . " - " . $REMOTE_ADDR;
echo "<br>Your real IP: " . $HTTP_X_FORWARDED_FOR; 
}
else
{
echo "You are probably not using a proxy server<br>";
echo "Your IP: " . $REMOTE_ADDR;
}

?>

 

[bungo]

I'm assuming I'll need to modify that script in order for it to work first? I don't know PHP, so I'm a bit stuck there. I included exactly what you posted and then connected through several different proxy servers myself, all with the result "You are probably not using a proxy server".

Excuse my ignorance, and thanks for the help!
Bungo

 

[stealthhosts]

hmmm, ok - its not infallable then.

You shouldnt need to edit it. It's a very basic example that simply checks one header. Let me see what else I have

 

[TWD-Tony]

As mentioned above - I would be VERY carefull about trying to block proxy connections, I know that the majority of NTL (UK ISP) customers are connected through proxy's so you could end up blocking all of these legit visitors...

 

[bungo]

Hmmm, I contacted the lil <nasty word in here>'s ISP and they seem to have stopped him. Not sure exactly what they've done (apparently the Data Protection Act 1998 prevents them telling me), but for the first time in weeks, he's not reloaded the index page thousands of times today.

Thanks for all the assistance anyway. It'd be interesting to know why there isn't a simple .htaccess command or other similar method for blocking proxy connections.

Thanks!
Sam

 

[Duke]

I"m glad it worked. I've heard it done but never had to do this myself.