Jump to content
MakeWebGames

Checking if an IP is (maybe) a proxy

a_bertrand

By a_bertrand
in Tutorials

 Share

Recommended Posts

a_bertrand Newbie

a_bertrand

Posted
Posted

Based on this code: http://www.oooff.com/php-affiliate-seo-blog/php-automation-coding/php-code-to-check-if-someone-is-coming-from-a-open-proxy/

I made a modification to check if somebody is running through a proxy or not. Basically we check ports the client IP answer, if the port answer and not with a "known" string (like for a router) we assume it's a proxy. It's certainly not the safest solution, but it should filter out quiet some open proxy without filtering out too much players. However players running an open web server on their machine will be detected as proxy.

The function returns 1 if something is found, 0 if not.

 

function ipProxyPortCheck($ip,$ports="80,3124,3127,3128,8080")
{
       //timeout you want to use to test
       $timeout = 2;
       // ports we're going to check
       //$ports = array(80,3124,3127,3128,8080);
       $ports=split(",",$ports);
       // flag to be returned 0 means safe, 1 means open and unsafe
       $flag = 0;
       // loop through each of the ports we're checking
       $knownRouters=array("ubicom/","allegro-software","rompager");
       foreach($ports as $port)
       {
               // this is the code that does the actual checking for the port
               @$fp = fsockopen($ip,$port+0,$errno,$errstr,$timeout);
               // test if something was returned, ie the port is open
               if(!empty($fp))
               {
                       fwrite($fp,"GET / HTTP/1.0\n\n");
                       $isOk=false;
                       while(!feof($fp))
                       {
                               $line=trim(fgets($fp, 4096));
                               if($line == "")
                                       break;
                               list($field,$data)=explode(":",$line);
                               if(strtolower($field) == "server")
                               {
                                       $data=strtolower(trim($data));
                                       foreach($knownRouters as $okServer)
                                       {
                                               if(strpos($data,$okServer) !== false)
                                               {
                                                       $isOk=true;
                                                       break;
                                               }
                                       }
                                       break;
                               }
                       }
                       // close our connection to the IP
                       fclose($fp);
                       if(!$isOk)
                       {
                               // we know the set the flag
                               $flag = 1;
                               return(1);
                       }
               }
       }
       // send our flag back to the calling code
       return $flag;
}
Link to comment
Share on other sites
Floydian Newbie

Floydian

Posted
Posted

Re: Checking if an IP is (maybe) a proxy

Hey a_bertrand,

 

$knownRouters=array("ubicom/","allegro-software","rompager");

 

Would that list allow AOL users through? I'm thinking that list there is for folks who use dial up or whatnot.

If that's correct, then the list could be a lot longer, I presume.

That's some nice code, thanks for posting it.

Link to comment
Share on other sites
a_bertrand Newbie

a_bertrand

Posted
  • Author
Posted

Re: Checking if an IP is (maybe) a proxy

The list you mention is basically a list of accepted web servers softwares. Basically we need to accept routers but not softwares used by those open proxies. So the list has nothing to do with the providers. Also this is used only if the function can connect back to the computer which called us.

Link to comment
Share on other sites
  • 2 months later...
a_bertrand Newbie

a_bertrand

Posted
  • Author
Posted

Re: Checking if an IP is (maybe) a proxy

This is my final version of the function which I use since a while. Works perfectly for my needs and doesn't block legit players.

 

function ipProxyPortCheck($ip,$ports="80,3124,3127,3128,8080")
{
       //timeout you want to use to test
       $timeout = 2;
       // ports we're going to check
       //$ports = array(80,3124,3127,3128,8080);
$ports=split(",",$ports);
       // flag to be returned 0 means safe, 1 means open and unsafe
       $flag = 0;
       // loop through each of the ports we're checking
$knownRouters=array("ubicom/","allegro-software","rompager","jetty","geohttpserver","goahead-webs","pache/0.6");
       foreach($ports as $port)
       {
	$log=date(DATE_ATOM)." - $ip:$port - ";
               // this is the code that does the actual checking for the port
               @$fp = fsockopen($ip,$port+0,$errno,$errstr,$timeout);
               // test if something was returned, ie the port is open
               if(!empty($fp))
               {
		fwrite($fp,"GET / HTTP/1.0\n\n");
		$isOk=false;
		$firstLine=true;
		while(!feof($fp))
		{
			$line=trim(fgets($fp, 4096));
			if($line == "")
				break;
			if($firstLine && strncmp($line,"HTTP/1.1 403 F",14) == 0)
			{
				$isOk=true;
				break;
			}
			else if($firstLine && strncmp($line,"HTTP/1.1 404 ",13) == 0)
			{
				$isOk=true;
				break;
			}
			list($field,$data)=explode(": ",$line);
			if(strtolower($field) == "server")
			{
				$data=strtolower(trim($data));
				foreach($knownRouters as $okServer)
				{
					if(strpos($data,$okServer) !== false)
					{
						$isOk=true;
						break;
					}
				}
				if(!$isOk)
				{
					// Log what is unkown (for review)
					$log.=$data;
				}
				//break;
			}
			// Xampp ? Should not be an open proxy
			else if($field == "Location" && strpos($data,"xampp") !== false)
			{
				$isOk=true;
				break;
			}
			// Requires a login? So no open proxy.
			else if($field == "WWW-Authenticate")
			{
				$isOk=true;
				break;
			}
			$firstLine=false;
		}
                       // close our connection to the IP
		if($firstLine)
		{
			fclose($fp);
			$isOk=true;
		}
		else if(!$isOk)
		{
			$data=fread($fp,4096);
                       	fclose($fp);
			if($data == "")
			{
			}
			else if(strpos($data,"Apache HTTP Server Test") === false
				&& strpos($data,"You are not authorized to view this page") === false
				&& strpos($data,"Invalid Hostname") === false
				&& strpos($data,"Seeing this instead of the website") === false)
			{
					$file=fopen("/tmp/badproxy.log","a");
					fwrite($file,"$log\n");
					fclose($file);
                       		// we know the set the flag
             	 		$flag = 1;
                  		return(1);
			}
			$isOk=true;
		}
		else
			fclose($fp);
               }
       }

       // send our flag back to the calling code
       return $flag;
}
Link to comment
Share on other sites
a_bertrand Newbie

a_bertrand

Posted
  • Author
Posted

Re: Checking if an IP is (maybe) a proxy

Yes and no, first of all, how many players do have a web server installed on their PC or their router offer web pages? Those which offer them but are blocked by asking a username or password are considered fine BTW.

Also, check websites like anonymouse.org:

http://anonymouse.org/

If you don't check for sites like that, then your players could use them to enter your site.

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...