Hello and welcome to our community! Is this your first visit?
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 2 of 2
  1. #1
    New to the CF scene
    Join Date
    Nov 2008
    Thanked 0 Times in 0 Posts

    Blocking Proxys via .htaccess file

    ok umm here is what I need.

    I need a proxy Spam Filteration Blocking thing on my site so if i try and access my site using proxy it will lead them to my 403.shtml file yes I could go deny from www.???.com it will take forever I need something better something that will block like 99% of proxys in one hit can you post me a script I have come across

    # block proxy servers from site access
    # http://perishablepress.com/press/200...-via-htaccess/

    RewriteEngine on
    RewriteCond %{HTTP:VIA} !^$ [OR]
    RewriteCond %{HTTP:FORWARDED} !^$ [OR]
    RewriteCond %{HTTP:USERAGENT_VIA} !^$ [OR]
    RewriteCond %{HTTP:X_FORWARDED_FOR} !^$ [OR]
    RewriteCond %{HTTP:PROXY_CONNECTION} !^$ [OR]
    RewriteCond %{HTTP:XPROXY_CONNECTION} !^$ [OR]
    RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
    RewriteCond %{HTTP:HTTP_CLIENT_IP} !^$
    RewriteRule ^(.*)$ - [F]

    Yes I'v doesn't work I tried it on a couple of proxy's all got through succesfully. Reason why I want to do now yesterday had a spam attack blocked IP however I think his next return will be via proxies! I want to be one step ahead.

  • #2
    Senior Coder CFMaBiSmAd's Avatar
    Join Date
    Oct 2006
    Denver, Colorado USA
    Thanked 339 Times in 331 Posts
    The HTTP headers that code is testing are optional and are only set by legitimate proxy servers. A legitimate proxy server is one that wants you to know it is a proxy, such as a proxy at a large company that is used by all the client computers within that company. The code would basically block visitors to your site who's Internet connection happened to be using a proxy server at their point of connection to the Internet.

    The kind of proxy servers you want to block are called anonymous proxy servers (they don't want you to know they are proxy servers) and they DON"T set those HTTP headers. The only real way to block these kind of proxy servers would be to learn the IP address of each of them (each will either have one fixed IP address or a fixed block (subnet) of IP addresses) and deny connections from those IP addresses or blocks of IP addresses.
    Last edited by CFMaBiSmAd; 04-30-2009 at 05:17 PM. Reason: fixed wording
    If you are learning PHP, developing PHP code, or debugging PHP code, do yourself a favor and check your web server log for errors and/or turn on full PHP error reporting in php.ini or in a .htaccess file to get PHP to help you.


    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts