OpenProxy: Difference between revisions
No edit summary |
(No difference)
|
Revision as of 14:20, 10 June 2004
How can an Anonymous Proxy be detected?
Using web software, a user visiting your website using a proxy will not appear to be any different than a user visiting without one. There is nothing you can code in ASP, PHP, CGI, Javascript, etc. that can tell the difference.
There are many services and programs out there that claim to detect a proxy by looking at the HTTP HEADERS sent by the server. This is about as effective as placing a pop-up asking the user if they are using a proxy server! The headers are:
HTTP_X_FORWARDED_FOR HTTP_VIA HTTP_PROXY_CONNECTION and REMOTE_ADDR
The values of these headers are not hard coded into any server operating system - they can be changed by the server administrator. In the case of a legitamite proxy system (such as AOL, or your company internet server) these variables might be configured properly. (There are no rules or regulations regarding this!) However, in the case of an anonymous proxy service, these headers will probably not contain anything. Why would you use an anonymous proxy if it broadcast where you orginally came from?
Since there is no way your server can determine such use, the only way to detect an anonymous proxy is by trying to actually use it. CountryCheck will attempt to connect to the server in the same way a user would. This connection attempt, and a few other tests, are done in real time. CountryCheck http://www.countrycheck.com maintains a large database of proxy servers and this list is updated on a constant basis.
These lists change daily. Usually an anonymous proxy is created by a virus or trojan, and then plugged as soon as the administrator detects it - mostly due to increased traffic. Because of this, many proxy lists float around on the internet, but they are outdated almost as fast as they are used.
So now you know there are only three ways to flag an IP address as an anonymous proxy. 1) Copy the proxy list from somewhere else. 2) Use HTTP HEADERS. 3) Actually detect them properly.
CountryCheck (http://www.countrycheck.com) is the ONLY service on the Internet that currently uses the third and best method. Don't be fooled into using an inferior service - remember you get what you pay for.