Bitcoin Forum
September 28, 2021, 03:39:41 AM *
News: Latest Bitcoin Core release: 22.0 [Torrent]
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: Is there any php code that can detect vpn/proxy  (Read 1190 times)
tungaqhd
Hero Member
*****
Offline Offline

Activity: 1554
Merit: 508


View Profile
December 28, 2016, 04:28:37 PM
 #1

Hello, i am finding a php code that can detect vpn or proxy ( i know a php code is not enough, so if you know other way, please suggest me). Thank you.

Selling Vie Faucet Script: https://shoppy.gg/product/099OPQ9
I am selling at Codester (tungaqhd), Rocketr(faucetscript) too. Other links are fake and full of bugs!
1632800381
Hero Member
*
Offline Offline

Posts: 1632800381

View Profile Personal Message (Offline)

Ignore
1632800381
Reply with quote  #2

1632800381
Report to moderator
1632800381
Hero Member
*
Offline Offline

Posts: 1632800381

View Profile Personal Message (Offline)

Ignore
1632800381
Reply with quote  #2

1632800381
Report to moderator
1632800381
Hero Member
*
Offline Offline

Posts: 1632800381

View Profile Personal Message (Offline)

Ignore
1632800381
Reply with quote  #2

1632800381
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1632800381
Hero Member
*
Offline Offline

Posts: 1632800381

View Profile Personal Message (Offline)

Ignore
1632800381
Reply with quote  #2

1632800381
Report to moderator
bitminpro67
Full Member
***
Offline Offline

Activity: 140
Merit: 100



View Profile
December 28, 2016, 04:45:00 PM
 #2

Hello i have already developed a code like that and tested with many vpn and proxy he detected them all if you want it pm me.

tungaqhd
Hero Member
*****
Offline Offline

Activity: 1554
Merit: 508


View Profile
December 28, 2016, 04:52:51 PM
 #3

Hello i have already developed a code like that and tested with many vpn and proxy he detected them all if you want it pm me.
Before pm i just want to ask is it free or not. If need to buy, i will consider later because i just start my website
Thanks

Selling Vie Faucet Script: https://shoppy.gg/product/099OPQ9
I am selling at Codester (tungaqhd), Rocketr(faucetscript) too. Other links are fake and full of bugs!
DuddlyDoRight
Sr. Member
****
Offline Offline

Activity: 318
Merit: 250



View Profile WWW
December 29, 2016, 05:17:11 AM
 #4

There are a couple headers you can use to detect HTTP and SOCKS 4/5 proxies(the non-"elite" ones). VPN subsets, VPS, and stealth proxies require scraping and building IP blacklists and optionally detecting region changes using a region-subnet cached DB..

It's about 20 lines of PHP including the PDO DB code..

I have faith that one day this forum will get threads where people won't just repeat their previous posts or what others have already stated in the same thread. Also that people will stop acting like BTC is toy-money and start holding vendors accountable. Naive? Maybe.
tungaqhd
Hero Member
*****
Offline Offline

Activity: 1554
Merit: 508


View Profile
December 29, 2016, 05:44:35 AM
 #5

There are a couple headers you can use to detect HTTP and SOCKS 4/5 proxies(the non-"elite" ones). VPN subsets, VPS, and stealth proxies require scraping and building IP blacklists and optionally detecting region changes using a region-subnet cached DB..

It's about 20 lines of PHP including the PDO DB code..
I tried this code
Code:
<?php
 $proxy_headers 
= array(
        
'HTTP_VIA',
        
'HTTP_X_FORWARDED_FOR',
        
'HTTP_FORWARDED_FOR',
        
'HTTP_X_FORWARDED',
        
'HTTP_FORWARDED',
        
'HTTP_CLIENT_IP',
        
'HTTP_FORWARDED_FOR_IP',
        
'VIA',
        
'X_FORWARDED_FOR',
        
'FORWARDED_FOR',
        
'X_FORWARDED',
        
'FORWARDED',
        
'CLIENT_IP',
        
'FORWARDED_FOR_IP',
        
'HTTP_PROXY_CONNECTION'
    
);
    foreach(
$proxy_headers as $x){
        if (isset(
$_SERVER[$x])) { die("You are using a proxy!");}
    }
// M
?>
But it said my real ip as proxy

Selling Vie Faucet Script: https://shoppy.gg/product/099OPQ9
I am selling at Codester (tungaqhd), Rocketr(faucetscript) too. Other links are fake and full of bugs!
DuddlyDoRight
Sr. Member
****
Offline Offline

Activity: 318
Merit: 250



View Profile WWW
December 29, 2016, 06:53:27 AM
 #6

Remove what matches. Without blacklisting IPs you're only going to stop 35%-74% or so anyway.

I have faith that one day this forum will get threads where people won't just repeat their previous posts or what others have already stated in the same thread. Also that people will stop acting like BTC is toy-money and start holding vendors accountable. Naive? Maybe.
krishnapramod
Legendary
*
Offline Offline

Activity: 1456
Merit: 1076


View Profile
December 29, 2016, 07:18:47 AM
 #7

There are a couple headers you can use to detect HTTP and SOCKS 4/5 proxies(the non-"elite" ones). VPN subsets, VPS, and stealth proxies require scraping and building IP blacklists and optionally detecting region changes using a region-subnet cached DB..

It's about 20 lines of PHP including the PDO DB code..
I tried this code
Code:
<?php
 $proxy_headers 
= array(
        
'HTTP_VIA',
        
'HTTP_X_FORWARDED_FOR',
        
'HTTP_FORWARDED_FOR',
        
'HTTP_X_FORWARDED',
        
'HTTP_FORWARDED',
        
'HTTP_CLIENT_IP',
        
'HTTP_FORWARDED_FOR_IP',
        
'VIA',
        
'X_FORWARDED_FOR',
        
'FORWARDED_FOR',
        
'X_FORWARDED',
        
'FORWARDED',
        
'CLIENT_IP',
        
'FORWARDED_FOR_IP',
        
'HTTP_PROXY_CONNECTION'
    
);
    foreach(
$proxy_headers as $x){
        if (isset(
$_SERVER[$x])) { die("You are using a proxy!");}
    }
// M
?>
But it said my real ip as proxy

The above code is really effective, but sometime blocks non-proxy users also (but about 90% accurate)

There are paid options like getip intel, very good service

https://getipintel.net/

https://github.com/blackdotsh/getIPIntel

If you are using FaucetBox script, then nastyhosts is there, in my opinion they are one of the best because when my faucet got drained in just a few minutes I used it. I had to use it manually, but blocked 99% of proxy or bad ip's through htaccess.

I had done it manually, just catch a bad IP, check it with http://v1.nastyhosts.com/IP

and then use ASN blocklist to block the whole bad IP range

https://www.enjen.net/asn-blocklist/index.php

https://bitcointalk.org/index.php?topic=1200700.msg16902102#msg16902102

So far my collection of bad IP's

http://pastebin.com/k9eMLy9d

Also check your analytics data and block spam referral traffic

Code:
RewriteEngine on
# Options +FollowSymlinks
RewriteCond %{HTTP_REFERER} example\.com [NC]

RewriteRule .* - [F]

Hope it is helpful Smiley
tungaqhd
Hero Member
*****
Offline Offline

Activity: 1554
Merit: 508


View Profile
December 29, 2016, 07:28:51 AM
 #8

Thank for all your help, my faucet have ptcwall and offers, so i want to prevent bad ip on accessing  earing page

Selling Vie Faucet Script: https://shoppy.gg/product/099OPQ9
I am selling at Codester (tungaqhd), Rocketr(faucetscript) too. Other links are fake and full of bugs!
DuddlyDoRight
Sr. Member
****
Offline Offline

Activity: 318
Merit: 250



View Profile WWW
December 29, 2016, 08:27:14 AM
 #9

  • "90%"? No way.. The bottom feeder bot developers and users at sites like thebot [dot] net use copied lists that after downed and non-elite proxies are removed are least a couple dozen uniques. Some of them are actually capable of testing lists and using them in the horribly buggy .NET bots there.. You would have to use statistics and blacklists for these. Real threats will do full audits of lists using a python script or something and use a lot of random timers and full emulation of JS and such in their bots.
  • Banning entire subnets is anti-commerce. You deal with DHCP with browser fingerprinting, penny deposits, or SMS with region logging.

I have faith that one day this forum will get threads where people won't just repeat their previous posts or what others have already stated in the same thread. Also that people will stop acting like BTC is toy-money and start holding vendors accountable. Naive? Maybe.
FaucetRank.com
Hero Member
*****
Offline Offline

Activity: 868
Merit: 500



View Profile WWW
December 29, 2016, 12:04:28 PM
 #10

Thank for all your help, my faucet have ptcwall and offers, so i want to prevent bad ip on accessing  earing page

It is very necessary to learn about how to prevent bots/ Vps / Tor or proxy/ bad Ips because without this knowledge you can not run your faucet successfully. All above codes mentioned above are good way to prevent bots/vps/proxy/bad ips but you should also keep in mind sometimes these codes also ban real human users so you should create a code to white list real users Ip address if they get banned.  

  ████
█ ████
█ ████
█ ████
█ ████ █
█ ████ █
█ ████ █
█ ████ █
█ ████ █
  ████ █
  ████ █
  ████ █
  ████
  ████
█ ████
█ ████
█ ████
█ ████ █
█ ████ █
█ ████ █
█ ████ █
█ ████ █
  ████ █
  ████ █
  ████ █
  ████
  .SCAMMERS.
▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄▄
  .EXPOSED.
.
▄▄▄▄▄▄▄▄
  ████
█ ████
█ ████
█ ████
█ ████ █
█ ████ █
█ ████ █
█ ████ █
█ ████ █
  ████ █
  ████ █
  ████ █
  ████
tungaqhd
Hero Member
*****
Offline Offline

Activity: 1554
Merit: 508


View Profile
December 29, 2016, 02:45:50 PM
 #11

I see this code working very well, but their sever reject my sever ip while i am trying to curl their sever
https://github.com/blackdotsh/getIPIntel

Selling Vie Faucet Script: https://shoppy.gg/product/099OPQ9
I am selling at Codester (tungaqhd), Rocketr(faucetscript) too. Other links are fake and full of bugs!
krishnapramod
Legendary
*
Offline Offline

Activity: 1456
Merit: 1076


View Profile
December 29, 2016, 03:14:23 PM
 #12

I see this code working very well, but their sever reject my sever ip while i am trying to curl their sever
https://github.com/blackdotsh/getIPIntel

Told you, the code is really effective, now for this there might be two scenarios, does not have much knowledge of coding, even do not know what PHP stands for Grin

1. Might be your server IP is blacklisted

2. Or the hosting service you are using does not have curl enabled which is rare, most of the latest PHP version comes with curl.

Like I said, I am not into coding, just know the basics (not even the basics), just to make my faucet stand a bot attack. I guess gpintel have a limit on requests per minute (does not apply to paid users).

Earlier I saw a thread by felicita (yannik admin) to block bad IP's, have to pay, have not gone through the details.

Buddy just go through this section, and spend some time, PHP ain't child's play, start with getting the IP's and finding if they are good or bad (nasthosts or enjen or http://www.ip2location.com/free/visitor-blocker) and block the bad IP's in that ASN Smiley
tungaqhd
Hero Member
*****
Offline Offline

Activity: 1554
Merit: 508


View Profile
December 29, 2016, 03:18:20 PM
 #13

I see this code working very well, but their sever reject my sever ip while i am trying to curl their sever
https://github.com/blackdotsh/getIPIntel

Told you, the code is really effective, now for this there might be two scenarios, does not have much knowledge of coding, even do not know what PHP stands for Grin

1. Might be your server IP is blacklisted

2. Or the hosting service you are using does not have curl enabled which is rare, most of the latest PHP version comes with curl.

Like I said, I am not into coding, just know the basics (not even the basics), just to make my faucet stand a bot attack. I guess gpintel have a limit on requests per minute (does not apply to paid users).

Earlier I saw a thread by felicita (yannik admin) to block bad IP's, have to pay, have not gone through the details.

Buddy just go through this section, and spend some time, PHP ain't child's play, start with getting the IP's and finding if they are good or bad (nasthosts or enjen or http://www.ip2location.com/free/visitor-blocker) and block the bad IP's in that ASN Smiley
Thank you, i am not a professional coder, they are teaching me pascal at high school  Roll Eyes i will try more way to prevent bots like you said

Selling Vie Faucet Script: https://shoppy.gg/product/099OPQ9
I am selling at Codester (tungaqhd), Rocketr(faucetscript) too. Other links are fake and full of bugs!
felicita
Legendary
*
Offline Offline

Activity: 1582
Merit: 1031



View Profile
December 29, 2016, 07:53:25 PM
 #14

I see this code working very well, but their sever reject my sever ip while i am trying to curl their sever
https://github.com/blackdotsh/getIPIntel

found this in the F:A:Q: of getipintel D:


How many queries can I make?
There's a rate limit 15 requests / minute to prevent abuse as well as a burst parameter set to ensure smoothing of traffic. If you hit any of these limits, the web server will return a 429 error. Please do not exceed 500 queries per day. The limits may change based on abuse and/or server load which will be posted on twitter and at least one week in advance. If you need guaranteed resources and/or more queries, please contact me. In most cases, the cost is significantly less than other paid services.



Code:
limit 15 requests / minute


have fun with a limit of 15/minute    500/day !!!!!



kind regards
DuddlyDoRight
Sr. Member
****
Offline Offline

Activity: 318
Merit: 250



View Profile WWW
December 30, 2016, 12:28:48 AM
 #15

Most services do have query limits.

It's not hard to code a simple bot that factors site-policy. Most sites have them and it stops nobody.

"INSERT INTO blacklist(id,ip) VALUES(:id,:ip);"
"SELECT id FROM blacklist WHERE ip=:param1 LIMIT 1;"
"UPDATE users SET threshold=threshold+1 WHERE session=:sid LIMIT 1;"
"SELECT userid FROM users WHERE session=:sid AND threshold>:qlimit LIMIT 1;"

Those and about ten lines of PHP give you blacklisting and threshold. The only improvements would be account-type variable profiles.

How I deal with bots: RNG, JS>AJAX, and reCaptcha.. Let them use VPN or whatever.. They'll have to manually work every one or use a solving-service, and those solving services charge exponential rates to what faucets and BTC games pay(which correlates to my other post on these forums about only idiots using faucets and games).


I have faith that one day this forum will get threads where people won't just repeat their previous posts or what others have already stated in the same thread. Also that people will stop acting like BTC is toy-money and start holding vendors accountable. Naive? Maybe.
btcoinworld
Newbie
*
Offline Offline

Activity: 20
Merit: 0


View Profile
December 30, 2016, 12:35:36 AM
 #16

Most services do have query limits.

It's not hard to code a simple bot that factors site-policy. Most sites have them and it stops nobody.

"INSERT INTO blacklist(id,ip) VALUES(:id,:ip);"
"SELECT id FROM blacklist WHERE ip=:param1 LIMIT 1;"
"UPDATE users SET threshold=threshold+1 WHERE session=:sid LIMIT 1;"
"SELECT userid FROM users WHERE session=:sid AND threshold>:qlimit LIMIT 1;"

Those and about ten lines of PHP give you blacklisting and threshold. The only improvements would be account-type variable profiles.

How I deal with bots: RNG, JS>AJAX, and reCaptcha.. Let them use VPN or whatever.. They'll have to manually work every one or use a solving-service, and those solving services charge exponential rates to what faucets and BTC games pay.


Hi.

Can you provide, if possible, more details on how to do it? Huh
krishnapramod
Legendary
*
Offline Offline

Activity: 1456
Merit: 1076


View Profile
December 30, 2016, 07:15:05 AM
 #17

Most services do have query limits.

It's not hard to code a simple bot that factors site-policy. Most sites have them and it stops nobody.

"INSERT INTO blacklist(id,ip) VALUES(:id,:ip);"
"SELECT id FROM blacklist WHERE ip=:param1 LIMIT 1;"
"UPDATE users SET threshold=threshold+1 WHERE session=:sid LIMIT 1;"
"SELECT userid FROM users WHERE session=:sid AND threshold>:qlimit LIMIT 1;"

Those and about ten lines of PHP give you blacklisting and threshold. The only improvements would be account-type variable profiles.

How I deal with bots: RNG, JS>AJAX, and reCaptcha.. Let them use VPN or whatever.. They'll have to manually work every one or use a solving-service, and those solving services charge exponential rates to what faucets and BTC games pay(which correlates to my other post on these forums about only idiots using faucets and games).



This guy should be a pro with the language he is using, have not even heard about RNG. It would be really good of you to share further details about blocking bad IPs or bots, everyone ain't as good as you when it comes to coding, sharing is caring, a bit detailed explanation would not not harm anybody Smiley
btcoinworld
Newbie
*
Offline Offline

Activity: 20
Merit: 0


View Profile
December 30, 2016, 02:33:49 PM
 #18

Most services do have query limits.

It's not hard to code a simple bot that factors site-policy. Most sites have them and it stops nobody.

"INSERT INTO blacklist(id,ip) VALUES(:id,:ip);"
"SELECT id FROM blacklist WHERE ip=:param1 LIMIT 1;"
"UPDATE users SET threshold=threshold+1 WHERE session=:sid LIMIT 1;"
"SELECT userid FROM users WHERE session=:sid AND threshold>:qlimit LIMIT 1;"

Those and about ten lines of PHP give you blacklisting and threshold. The only improvements would be account-type variable profiles.

How I deal with bots: RNG, JS>AJAX, and reCaptcha.. Let them use VPN or whatever.. They'll have to manually work every one or use a solving-service, and those solving services charge exponential rates to what faucets and BTC games pay(which correlates to my other post on these forums about only idiots using faucets and games).



This guy should be a pro with the language he is using, have not even heard about RNG. It would be really good of you to share further details about blocking bad IPs or bots, everyone ain't as good as you when it comes to coding, sharing is caring, a bit detailed explanation would not not harm anybody Smiley

Acccording to Wikepedia it is Random-number generator (RNG) hehe Tongue

But I agree with you, it would be really good to share some knowledge  Roll Eyes
Kazuldur
Legendary
*
Offline Offline

Activity: 971
Merit: 1000


View Profile
December 30, 2016, 08:57:53 PM
 #19

You can use nastyhosts.com. It's like getipintel but with much higher limits.

Disclaimer: I've worked for company that's running NastyHosts.

Unless stated otherwise, all opinions are of my own, not FaucetBOX.com's.
AdrianoCoins
Newbie
*
Offline Offline

Activity: 39
Merit: 0


View Profile WWW
December 30, 2016, 09:09:55 PM
 #20

code showed for tungaqhd + nastyhosts.com = nice protection free  Cool
Pages: [1] 2 »  All
  Print  
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!