Pages:
Author

Topic: [Tutorial] How to avoid visits by Proxies - page 2. (Read 5571 times)

sr. member
Activity: 350
Merit: 250
October 17, 2015, 08:47:53 AM
#11
Great, was another way of doing it.
You must also take into account the recommendations of getipintel It seems that it does not support many queries

Now it's working for me  Grin
instead echo ''; I used echo ""; and it worked
hero member
Activity: 868
Merit: 500
October 17, 2015, 07:56:11 AM
#10
Now it's working for me  Grin
instead echo ''; I used echo ""; and it worked
sr. member
Activity: 350
Merit: 250
October 17, 2015, 02:27:20 AM
#9
Then in
Code:
if ($response < 0 || strcmp($response, "") == 0 ) {
What should we put?


Code:
//The server returned an error, you might want to do something

You should definitely take action when this happens because the assumption that you are still protected is false. It's also bad for me too because people start to think the website isn't accurate or doesn't work, which is not true. If the error handling section is not filled out, it's bad for both me and the user.

Regards,
GetIPIntel
sr. member
Activity: 350
Merit: 250
October 17, 2015, 02:03:58 AM
#8
I have decided to remove the ips of the htaccess since I found it on the net and am not sure that they are not real people as you say.
What do you think we should do to protect ourselves?
Thank you very much for your help.
Hi there, I'd like to correct some misconceptions from OP's post. GetIPIntel.net don't specifically look for countries like Brazil, the machine learning algorithm does not care what the ISP name is, where it's registered, or the country origin because they can be changed with a simple SWIP request. The algorithm looks at more technical details about a particular IP & details that can't be changed easily.

I looked at the .htaccess file and I can it appears a noticeable amount are not proxies. Some IP addresses aren't even route-able (via the public internet) as of this post. Here's a list of them:
Code:
202.150.91.18 : -3
200.226.137.11 : -3
200.226.137.13 : -3
202.150.91.26 : -3
80.88.11.131 : -3
202.150.91.18 : -3
200.226.137.13 : -3
200.226.137.12 : -3
81.199.24.18 : -3
200.226.137.11 : -3
198.165.96.66 : -3
196.200.3.45 : -3
192.76.71.88 : -3
200.226.137.10 : -3
216.52.22.133 : -3
200.226.137.9 : -3
6.98.130.235 : -3

If you traceroute any of these IPs, you'll see it'll be dropped by your ISP because there's no BGP sessions for these IP addresses. Note that as this post ages, it might change but as of now, they are not route-able.

Some of the IPs I've looked at your list aren't from Brazil. Some seems like residential ADSL+ lines. Some IPs return a value >= 0.99 but it's still in the list. So from what I gather, the .htaccess file is an old list of abusers you've encountered in the past and it was your attempt to block them. Thus, adding the .htaccess file does not necessarily complement proxy detection in a general sense.

I'd like to add that if you exceed the amount of queries per minute, your site will no longer be protected. People that exceed the query limit on a daily basis and failure to correct it could result in a ban where the system returns "-5" for all queries. I do try to send a courtesy email to the contact address but this is not guaranteed.

This is why I have a section that says

Code:
//The server returned an error, you might want to do something

You should definitely take action when this happens because the assumption that you are still protected is false. It's also bad for me too because people start to think the website isn't accurate or doesn't work, which is not true. If the error handling section is not filled out, it's bad for both me and the user.

Regards,
GetIPIntel
sr. member
Activity: 350
Merit: 250
October 17, 2015, 01:48:54 AM
#7
Thank you friend for taking the time to help us, I'm not at all an expert on codes or php, the problem is that we are suffering a continuous attack bots and I was just looking for a solution to the problem.

Hi there, I'd like to correct some misconceptions from OP's post. GetIPIntel.net don't specifically look for countries like Brazil, the machine learning algorithm does not care what the ISP name is, where it's registered, or the country origin because they can be changed with a simple SWIP request. The algorithm looks at more technical details about a particular IP & details that can't be changed easily.

I looked at the .htaccess file and I can it appears a noticeable amount are not proxies. Some IP addresses aren't even route-able (via the public internet) as of this post. Here's a list of them:
Code:
202.150.91.18 : -3
200.226.137.11 : -3
200.226.137.13 : -3
202.150.91.26 : -3
80.88.11.131 : -3
202.150.91.18 : -3
200.226.137.13 : -3
200.226.137.12 : -3
81.199.24.18 : -3
200.226.137.11 : -3
198.165.96.66 : -3
196.200.3.45 : -3
192.76.71.88 : -3
200.226.137.10 : -3
216.52.22.133 : -3
200.226.137.9 : -3
6.98.130.235 : -3

If you traceroute any of these IPs, you'll see it'll be dropped by your ISP because there's no BGP sessions for these IP addresses. Note that as this post ages, it might change but as of now, they are not route-able.

Some of the IPs I've looked at your list aren't from Brazil. Some seems like residential ADSL+ lines. Some IPs return a value >= 0.99 but it's still in the list. So from what I gather, the .htaccess file is an old list of abusers you've encountered in the past and it was your attempt to block them. Thus, adding the .htaccess file does not necessarily complement proxy detection in a general sense.

I'd like to add that if you exceed the amount of queries per minute, your site will no longer be protected. People that exceed the query limit on a daily basis and failure to correct it could result in a ban where the system returns "-5" for all queries. I do try to send a courtesy email to the contact address but this is not guaranteed.

This is why I have a section that says

Code:
//The server returned an error, you might want to do something

You should definitely take action when this happens because the assumption that you are still protected is false. It's also bad for me too because people start to think the website isn't accurate or doesn't work, which is not true. If the error handling section is not filled out, it's bad for both me and the user.

Regards,
GetIPIntel
sr. member
Activity: 350
Merit: 250
October 17, 2015, 01:27:47 AM
#6
Send me private message that the Forum is in English
misterbit can help me to put that code in my web? disculpa mi ingles es malisimo pero me ayudarias a colocar ese codigo en mi pagina?
newbie
Activity: 25
Merit: 0
October 16, 2015, 11:12:11 PM
#5
misterbit can help me to put that code in my web? disculpa mi ingles es malisimo pero me ayudarias a colocar ese codigo en mi pagina?
sr. member
Activity: 350
Merit: 250
October 16, 2015, 01:23:40 PM
#4
Yes thank you, and really works look for proxies online and you will see Wink

Nice work sir, thanks for the idea of where to start with this faith. will be good to get more people involved in this project
legendary
Activity: 3472
Merit: 3507
Crypto Swap Exchange
October 16, 2015, 01:21:18 PM
#3
Nice work sir, thanks for the idea of where to start with this faith. will be good to get more people involved in this project
sr. member
Activity: 350
Merit: 250
October 16, 2015, 12:43:29 PM
#2
Updated the tutorial.
sr. member
Activity: 350
Merit: 250
October 16, 2015, 11:49:41 AM
#1
Hi, I think that owners of faucets that are one of the things that do not hurt are the use of proxies, as yesterday looking for and looking for found this site that helps us quite the truth.

http://getipintel.net/

It is insert this code at the top of the index.php of the template we are using.

Where $contactEmail="Your mail";

Then where web.html is a text file that is made with Notepad and we put inside for example (It appears you're a Proxy / VPN / bad IP, please contact [Your mail] for more information) and we got it to the main directory where you will find the config.php.

This is what makes redirect proxies to web.html visits

Sorry the code is incomplete, go to github
https://github.com/blackdotsh/getIPIntel
Code:
/*
* A PHP function that interacts with http://getIPIntel.net to look up an IP address
* returns TRUE if the IP returns a value greater than $banOnProability,
* FALSE otherwise, including errors
* HTTP error codes are NOT explicitly implemented here
* This should be used as a guide, be sure to edit and test it before using it in production

* MIT License
*/ 


//function requires curl
function checkProxy($ip){
$contactEmail="Your mail";
$timeout=3//by default, wait no longer than 3 secs for a response
$banOnProability=0.99//if getIPIntel returns a value higher than this, function returns true, set to 0.99 by default

//init and set cURL options
$ch curl_init();
curl_setopt($chCURLOPT_RETURNTRANSFER1);
curl_setopt($chCURLOPT_TIMEOUT$timeout);

//if you're using custom flags (like flags=m), change the URL below
curl_setopt($chCURLOPT_URL"http[Suspicious link removed]c($ch);

curl_close(
$ch);


if (
$response > $banOnProability) {
return true;
} else {
if (
$response < 0 || strcmp($response, "") == 0 ) {
//The server returned an error, you might want to do something
//like write to a log file or email yourself
//This could be true due to an invalid input or you've exceeded
//the number of allowed queries. Figure out why this is happening
//because you aren't protected by the system anymore
}
return false;
}
}


$ip=$_SERVER['REMOTE_ADDR'];

if (checkProxy(
$ip)) {
/* A proxy has been detected based on your criteria
 * Do whatever you want to here
 */
echo 'Refresh" Content="0URL=web.html">';    
    exit;
}

?>


I am new to this scene so they will be welcomed the recommendations and suggestions, sorry for my language, I am Spanish.

########################################

########################################

Another way to block proxies

Put this in your .htaccess, remove RewriteEngine on in the event that already is in the .htaccess

Code:
RewriteEngine on

RewriteCond %{HTTP:VIA} !^$ [OR]
RewriteCond %{HTTP:FORWARDED} !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
RewriteRule ^(.*)$ – [F]

Then in the index.php of the template on

Code:
if(@fsockopen($_SERVER['REMOTE_ADDR'], 80$errstr$errno1))
die(
"Here a message, for example prohibited use proxies");
?>


Source http://forum.youhosting.com/topic3516-block-proxy-server-customize-your-htaccess-and-php-code.html

########################################

Friends I am new and I don't know much php only try to help us all, sorry for my mistakes.

By the way I sell advertising space on my website I would be helpful https://bitcointalksearch.org/topic/m.12703029.
Pages:
Jump to: