Anonymous proxies are a huge problem for operators of forums. I have developed an anonymous proxy blocker that will help block proxies from PHPBB forums. It is not a perfect solution and you should still be proactive in your efforts. The system works via 2 methods.
- First on login it scans the IP address for open ports associated with a proxy and attempts to send a proxy request if it finds one.
- Second it checks several reverse DNS blackhole lists for the IP
I only do this on login to minimize the load on the site, minimize the slow down in the user page loads, and not swamp the dn servers with requests.
You should check with your service provider if you are allowed to scan other computers. Some service providers will take this as hacking.
If so just comment out the very last line in the instructions.
In my implementation I have logging functions and maintain a database of discovered proxies. You may want to add that yourself or contact me and I’ll sell it to you.
- In the includes directory create a new file call proxyblocker_scan.php- Cut and paste the following into it.
< ?php
//
// Is this a new proxy using known proxy ports ?
// could have used port 80 but many dialups use it on their servers...
$ports = array( 3128, 1080, 8080 );
$target = $_SERVER['REMOTE_ADDR'];
while( $port = array_pop( $ports ))
{
$isproxy = 0;
// open a socket to the connecting host on well known proxy sockets
$socket = @fsockopen( “tcp://$target”, $port, $errno, $errstr, 3 );
if( $errno == 0 )
{
$request = “GET http://www.google.com/ HTTP/1.0rn”;
$request .= “Proxy-Connection: Keep-Alivern”;
$request .= “Pragma: no-cachern”;
$request .= “Host: www.google.comrn”;
$request .= “User-Agent: MSIE 6.0rn”;
$request .= “rn”;
fputs($socket, $request);
$response = fputs($socket, 128);
if(strlen(stristr($response, “200″)) > 0){
$isproxy = 1;
}
if( $isproxy )
{
fclose($socket);
die();
} else {
fclose($socket);
}
}
}
?>
- Save and close the file.
- In the includes directory create and open a file called proxyblocker_dnsbl.php
- Cut and paste the following into the file:
< ?php
$reverse_ip = get_reversed_ip( $_SERVER['REMOTE_ADDR'] );
// array of rbl servers
$rbl_dns_servers = array(
‘.http.dnsbl.sorbs.net’,
‘.socks.dnsbl.sorbs.net’,
‘.misc.dnsbl.sorbs.net’,
‘.proxies.blackholes.easynet.nl’,
‘.list.dsbl.org’
);
// loop through list of rbl servers
while( $reverse_dns = array_pop( $rbl_dns_servers ))
{
// check for ip on a rbl server
if( check_rbl( $reverse_ip, $reverse_dns ))
{
// discovered a proxy on one of the servers
die();
}
}
?>
- Save and Close the File
- Create and Open file in includes directory called ‘functions_proxyblock.php’
- Cut and paste the following into file:
< ?php
// checks to see if a ip is on a dns server
function check_rbl( $reverse_ip, $reverse_dns )
{
$is_bad_ip = FALSE;
$rlookup = $reverse_ip . $reverse_dns;
if( $rlookup == gethostbyname($rlookup))
{
// returned the same info so not on list
} else {
// returned information so is on list
$is_bad_ip = TRUE;
}
return $is_bad_ip;
}
// takes an ip address passed to it and returns a revered ip
function get_reversed_ip( $ip )
{
$ip_exploded = explode('.', $ip );
$reverse_ip = "$ip_exploded[3].$ip_exploded[2].$ip_exploded[1].$ip_exploded[0]“;
return $reverse_ip;
}
?>
- Open common.php
- FIND include($phpbb_root_path . ‘includes/db.’.$phpEx);
- AFTER WRITE include($phpbb_root_path . ‘includes/functions_proxyblock.’.$phpEx);
- SAVE & CLOSE common.php
- OPEN login.php
- FIND include($phpbb_root_path . ‘common.’.$phpEx);
- AFTER ADD
include($phpbb_root_path . ‘proxyblocker_scan.’.$phpEx);
include($phpbb_root_path . ‘proxyblocker_dnsbl.’.$phpEx);
Like it? Subscribe to the blog if you haven't already
Related Posts
Improved PHP Template class from phpBB
Fetch Proxies
{TITLE}
Ad Blocking as an Advertiser
| Filed under: General — Scott @ May 20, 2005 12:53 pm |
|
17 Comments
Sorry, the comment form is closed at this time.
You are genious! Great thanks!
Glad you liked it :)
Very nice :) A badly needed mod. Is there any way I can tweak this just to apply the block only to guest posters? I do not want to implement compulsory registration before posting is allowed.
I am on phpBB 2.0.21
How would I only include this on the register page and not the login page?
Jason I am sorry I don’t maintain this any longer. Last I checked there were several alternatives on phpbbhacks.com if memory serves. The code should still be good but you need to verify that for yourself.
Sorry :(
Hello,
I am having trouble with my Internet explorer.It is doing some very odd things.Sometimes it will completely close the page i am visiting for no reason or it will be very slow loading pages and when i say slow i mean very very very slow for eg i tried to google something and after 10 minutes of the page trying to load i gave up.I thought that it was perhaps the topic i was searching so i tried putting in random things to see if that made any difference but it didn’t.Another problem i had was when i was on a forum and clicked on a link and nothing happened i tried to open a new tab and that wouldn’t work either and it would let me access any options that are in my tools menu.i had to restart my computer.Just to let you know i have high speed Internet connection.Thanks in advance to anyone that helps me with this problem.
Greetings,
I’ve used your script for my website! Theres just a few errors in your script though. The
Oh yeah you forgot to add the ‘includes’ directory in serveral includes.
how do u get around blocks at school??
i know i need proxy
Hi Jade.. I would recommend searching for a thing called “CGI proxies”.
plz find me a good proxie that works
yeah me 2 plz hun im dieng skool is sooooo boring without bebo :-(
Does anyone know of a way to find out the owner of a cell phone if you know their number? I see many sites for reverse lookups for cell phones but they charge almost 100 bucks.
All of the free reverse phone number sites have a fee after you put in the phone number. Anywho.com or whitepages.com or any of that stuff does not work since you have to pay to get a report.
Are there any ACTUAL free ones out there?
Hi, people….! I find one beutiful sait…..
need a proxie
So I was off work and surfing and found this place and thought I would join up. I don’t have much more to say right now except I need to start reading some of the older posts to get up to speed before I can start posting.
Em