Bitcoin Forum

Hello, i am finding a php code that can detect vpn or proxy ( i know a php code is not enough, so if you know other way, please suggest me). Thank you.

Hello i have already developed a code like that and tested with many vpn and proxy he detected them all if you want it pm me.

Before pm i just want to ask is it free or not. If need to buy, i will consider later because i just start my website
Thanks

There are a couple headers you can use to detect HTTP and SOCKS 4/5 proxies(the non-"elite" ones). VPN subsets, VPS, and stealth proxies require scraping and building IP blacklists and optionally detecting region changes using a region-subnet cached DB..

It's about 20 lines of PHP including the PDO DB code..

I tried this code But it said my real ip as proxy

Remove what matches. Without blacklisting IPs you're only going to stop 35%-74% or so anyway.

The above code is really effective, but sometime blocks non-proxy users also (but about 90% accurate)

There are paid options like getip intel, very good service

https://getipintel.net/

https://github.com/blackdotsh/getIPIntel

If you are using FaucetBox script, then nastyhosts is there, in my opinion they are one of the best because when my faucet got drained in just a few minutes I used it. I had to use it manually, but blocked 99% of proxy or bad ip's through htaccess.

I had done it manually, just catch a bad IP, check it with http://v1.nastyhosts.com/IP

and then use ASN blocklist to block the whole bad IP range

https://www.enjen.net/asn-blocklist/index.php

https://bitcointalk.org/index.php?topic=1200700.msg16902102#msg16902102

So far my collection of bad IP's

http://pastebin.com/k9eMLy9d

Also check your analytics data and block spam referral traffic


Hope it is helpful :)

Thank for all your help, my faucet have ptcwall and offers, so i want to prevent bad ip on accessing  earing page

It is very necessary to learn about how to prevent bots/ Vps / Tor or proxy/ bad Ips because without this knowledge you can not run your faucet successfully. All above codes mentioned above are good way to prevent bots/vps/proxy/bad ips but you should also keep in mind sometimes these codes also ban real human users so you should create a code to white list real users Ip address if they get banned.  

I see this code working very well, but their sever reject my sever ip while i am trying to curl their sever
https://github.com/blackdotsh/getIPIntel

Told you, the code is really effective, now for this there might be two scenarios, does not have much knowledge of coding, even do not know what PHP stands for ;D

1. Might be your server IP is blacklisted

2. Or the hosting service you are using does not have curl enabled which is rare, most of the latest PHP version comes with curl.

Like I said, I am not into coding, just know the basics (not even the basics), just to make my faucet stand a bot attack. I guess gpintel have a limit on requests per minute (does not apply to paid users).

Earlier I saw a thread by felicita (yannik admin) to block bad IP's, have to pay, have not gone through the details.

Buddy just go through this section, and spend some time, PHP ain't child's play, start with getting the IP's and finding if they are good or bad (nasthosts or enjen or http://www.ip2location.com/free/visitor-blocker) and block the bad IP's in that ASN :)

Thank you, i am not a professional coder, they are teaching me pascal at high school  ::) i will try more way to prevent bots like you said

found this in the F:A:Q: of getipintel D:


How many queries can I make?
There's a rate limit 15 requests / minute to prevent abuse as well as a burst parameter set to ensure smoothing of traffic. If you hit any of these limits, the web server will return a 429 error. Please do not exceed 500 queries per day. The limits may change based on abuse and/or server load which will be posted on twitter and at least one week in advance. If you need guaranteed resources and/or more queries, please contact me. In most cases, the cost is significantly less than other paid services.




have fun with a limit of 15/minute    500/day !!!!!



kind regards

Most services do have query limits.

It's not hard to code a simple bot that factors site-policy. Most sites have them and it stops nobody.

"INSERT INTO blacklist(id,ip) VALUES(:id,:ip);"
"SELECT id FROM blacklist WHERE ip=:param1 LIMIT 1;"
"UPDATE users SET threshold=threshold+1 WHERE session=:sid LIMIT 1;"
"SELECT userid FROM users WHERE session=:sid AND threshold>:qlimit LIMIT 1;"

Those and about ten lines of PHP give you blacklisting and threshold. The only improvements would be account-type variable profiles.

How I deal with bots: RNG, JS>AJAX, and reCaptcha.. Let them use VPN or whatever.. They'll have to manually work every one or use a solving-service, and those solving services charge exponential rates to what faucets and BTC games pay(which correlates to my other post on these forums about only idiots using faucets and games).

Hi.

Can you provide, if possible, more details on how to do it? ???

This guy should be a pro with the language he is using, have not even heard about RNG. It would be really good of you to share further details about blocking bad IPs or bots, everyone ain't as good as you when it comes to coding, sharing is caring, a bit detailed explanation would not not harm anybody :)

Acccording to Wikepedia it is Random-number generator (RNG) hehe :P

But I agree with you, it would be really good to share some knowledge  ::)

You can use nastyhosts.com. It's like getipintel but with much higher limits.

Disclaimer: I've worked for company that's running NastyHosts.

code showed for tungaqhd + nastyhosts.com = nice protection free  8)

If the whole internet connection is passing through the proxy/vpn/tunnel then not a chance, also tor uses a protocol that you can't tell if it's a tor relay or not.

Actually testing if connection is from Tor is trivial, as Tor advertises list of all exit nodes.

Detecting proxies/vpns/tunnels is of course impossible to do 100% accurately, but you can try to build blacklists of known services (and that's what nastyhosts does), greatly reducing problem.

You beat me to it.. Just add exit nodes to blacklist DB tables.. TOR defeated

SMS with SMS verification on region-change is also proven to beat TOR with no blacklisting or proxy-detection at all..