Comments on: PHP Code to Check if Someone is Coming from a Open Proxy.

By: Ilya Vassilevsky

Ilya Vassilevsky — Mon, 11 Jan 2010 21:33:05 +0000

Skype takes over ports 80 and 443 when there’s nothing else on them.

By: Mike

Mike — Sat, 10 Jan 2009 22:05:21 +0000

MJL: Quova’s GeoPoint gold service includes a list of known open proxies. You have to pay for it, but you can then just create an exclusion list for apache or whatever you’re using.

By: Smaxor

Smaxor — Sun, 28 Dec 2008 00:55:53 +0000

You can get a list of all the tor ips pretty readily. Just get that list and check your visito against it.

By: Hugh

Hugh — Sun, 28 Dec 2008 00:48:22 +0000

Thanks for your script, it was very helpful.
Does anyone have some code I can use to block users using TOR?

By: Michael Ludwick

Michael Ludwick — Sun, 23 Nov 2008 00:43:09 +0000

Our problem at Chatropolis.com is that advertisers will use scripts to post advertisements from open proxy switching software. We literally have a 100,000 proxy users so I would want to look for open proxy users. Services like TOR give a nobel speach but all that comes is illegal advertising and kiddie porn from them. I have never examined a TOR user exit node because the user did something nice.

I want to stop all open proxys from using our site. There would be no reason somebody needs to use an open proxy. In most cases These services help people break a law weather it’s Chna’s policy on pornagraphy or Iraqs. I don’t believe my site is something someone needs to access against it’s countrys laws. Also the paranoid line on privacy is a load of crap. If your ashamed about your body,sex or the conversation there of join the Nunnery.

Does anyone have ideas on checking for open proxys 500,000+ times a day and not need a cluster of super comps to do it?

MJL
For Chatropolis.com

By: Smaxor

Smaxor — Thu, 12 Jun 2008 01:47:10 +0000

audax: I was going to make a post about maxmind next.

ptv: this isn’t a full proof plan just a point of diversion, you definately need to combine it with other tactics. You’re never going to get all the fraud from the get go but the more strategies you have the better.

webmasters: agree’d. To your point about routers, most routers don’t open port 80 on the wan only the lan. Again not full proof and should be added to a points system I agree. But yet another tool in the quiver.

By: Webmasters

Webmasters — Wed, 11 Jun 2008 19:48:07 +0000

I would definitively go with the flags or points approach… I really can’t justify auto-banning someone because he has a port 80 open… besides, many home based routers do respond to a port 80 query because they have web administration enabled…

By: ptv

ptv — Wed, 11 Jun 2008 19:41:23 +0000

I appreciate the idea and code provided. But …
What if our prospective customer has installed some kind of port scanning warning software? The probablity is low, but the risk of being suspected of “hacking”?

Maybe some kind of third party service not connected with us is better?

By: audax

audax — Wed, 11 Jun 2008 18:48:29 +0000

Other method I use is to reverse the IP to a physical location using MaxMind GeoIP or something of the sort, and then compare the signup address to the location of the IP address. It’s not fool proof but can help flag possible fraud.