I thought that if visitors goes by proxy i see just proxy IP in $HTTP_REFERER and i count all hits from same proxy as one in worst case. But recently i read that it is not so easy and i can get cheated much more this way. Do you know how exactly proxy cheats work and how to detect 100% these hits in PHP?
How to detect proxy hits in PHP?
Collapse
X
-
Tags: None
-
$REMOTE_ADDR not $HTTP_REFERER, sorry :-( Thinking on 2 things at once and being man :-) -
Things to look at mostly on your weblogs are
HTTP_VIA
PROXY_CONNECTION
X_FORWARDED_FOR
As far a Im aware of my .2cents there are 3 types of proxies here's the list.
Transparent proxy - this proxy shows your real ip address with the precense of X_FORWARDED_FOR option on your logs. this type of proxy will tells you both the IP of the proxy and the client IP behind the request
Anonymous proxy - they have a missing X_FORWARDED_FOR option on your logs so it only displays the IP of the proxy and you will also see more presence of "connection type CLOSE" on your logs
High-Anonymity Proxy - This type of proxy does not send any of the usual proxy variables to your logs..
hopefully you get the picture.
not allowed to put a url osix.net/modules/article/?id=765Last edited by pfunix; 02-16-2007, 05:13 AM.Comment
-
Sorry about the fucked up highlighting. Cut and paste the code abovePHP Code:/** * @name getip * @desc Function to get the user's IP address * @param none (optained via superglobals) * @return string the IP address */ function getip() { if(isset($_SERVER)) { if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $realip = $_SERVER['HTTP_X_FORWARDED_FOR']; } elseif(isset($_SERVER['HTTP_CLIENT_IP'])) { $realip = $_SERVER['HTTP_CLIENT_IP']; } else { $realip = $_SERVER['REMOTE_ADDR']; } } else { if( getenv( 'HTTP_X_FORWARDED_FOR' ) ) { $realip = getenv( 'HTTP_X_FORWARDED_FOR' ); } elseif( getenv( 'HTTP_CLIENT_IP' ) ) { $realip = getenv( 'HTTP_CLIENT_IP' ); } else { $realip = getenv( 'REMOTE_ADDR' ); } } return $realip; }Comment
-
Sorry about the fucked up highlighting. Cut and paste the code abovePHP Code:/** * @name getip * @desc Function to get the user's IP address * @param none (optained via superglobals) * @return string the IP address */ function getip() { if(isset($_SERVER)) { if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $realip = $_SERVER['HTTP_X_FORWARDED_FOR']; } elseif(isset($_SERVER['HTTP_CLIENT_IP'])) { $realip = $_SERVER['HTTP_CLIENT_IP']; } else { $realip = $_SERVER['REMOTE_ADDR']; } } else { if( getenv( 'HTTP_X_FORWARDED_FOR' ) ) { $realip = getenv( 'HTTP_X_FORWARDED_FOR' ); } elseif( getenv( 'HTTP_CLIENT_IP' ) ) { $realip = getenv( 'HTTP_CLIENT_IP' ); } else { $realip = getenv( 'REMOTE_ADDR' ); } } return $realip; }
Can't be this abused by the cheater that way he builds up his own fake proxy and sends you simulated automated hits with different false HTTP_X_FORWARED_FOR? Looks more safe if i just count hits with different REMOTE_ADDR and set random cookie which is bound to this REMOTE_ADDR to me. Or am i missing something?Comment

Comment