For those of you that use proxies

[tenants]

Can you just give this a quick click using your proxy:

http://www.surreyforum.co.uk/proxy-detection.php

Its a proxy detection that I want to add to one of my plug-ins.

It might not catch all proxies (but catches the vast majority by looking through the header and also detecting open ports)

I don't want it to find false positives (its not bad if a few proxies get through)

Can you let me know if it :

-finds your proxy-
-finds a false posotive-
-lets your proxy slip through-

I've been testing... and it seems fairly good for non anonymous proxies

 

[Digital Doctor]

Proxy header test complete
Proxy port test complete

No Proxy detected

(I'm not using one).(So no false positive).

 

[Chris D]

Finds my proxy.

My proxy is an enterprise level proxy though. Used for good and not evil!

 

[SneakyDave]

Tells me I'm using a proxy, but I'm not. I'm in the states using a static IP

 

[tenants]

Tells me I'm using a proxy, but I'm not. I'm in the states using a static IP

Okay that's interesting, can you paste the message (it should say what it failed on)

Finds my proxy.
My proxy is an enterprise level proxy though. Used for good and not evil!

Okay, but you could turn it of if presented with a message on registering, couldn't you? What is the proxy?

 

[Chris D]

Okay that's interesting, can you paste the message (it should say what it failed on)

Okay, but you could turn it of if presented with a message on registering, couldn't you? What is the proxy?

I can turn the proxy off, yes, but that's because I'm the System Admin here and I control the proxy and requests originating from my PC are allowed through unproxied.

The proxy is Microsoft Forefront Threat Management Gateway.

You would find that most businesses that deploy a proxy won't allow it to be turned off.

 

[tenants]

what was the meassage

You are using a proxy, proxy port found:".$port

or

You are using a proxy, proxy header found:".$header

(so i know where it fell over, I assume it was the port)

 

[Chris D]

what was the meassage

You are using a proxy, proxy port found:".$port

or

You are using a proxy, proxy header found:".$header

(so i know where it fell over, I assume it was the port)

Nope, it was: You are using a proxy, proxy header found:HTTP_VIA

 

[Brandon Sheley]

You are using a proxy, proxy header found:HTTP_VIA

work firewalls

 

[tenants]

Thanks, it's detected them correctly, I'm worried about the any false positives (and what the message is from those) .. SneakyDave ?http://xenforo.com/community/members/sneakydave.1001/

 

[SneakyDave]

Okay that's interesting, can you paste the message (it should say what it failed on)?

It just says: Proxy header test completeYou are using a proxy, proxy port found:80



If you want to PC me your PHP code, I can run through it and tell you what it's failing on.

 

[Simon]

Found me using a proxy:

Proxy header test completeYou are using a proxy, proxy port found:80

 

[Adam Howard]

Proxy header test complete
Proxy port test complete

No Proxy detected

Don't feel bad. No one ever is able to tell that I'm using one.

 

[Luke F]

False positive: finds that I'm running a webserver on port 80, might be worth doing a vague check to tell the difference from a proxy

 

[tenants]

Don't feel bad. No one ever is able to tell that I'm using one.

... its okay, some will slip through, it would be impossible (not to mention it would take a fair amount of connection tests and time) to detect every type of proxy

okay, it's failing at the port 80 for some users... giving false positives there, that's good to know

False positive: finds that I'm running a webserver on port 80, might be worth doing a vague check to tell the difference from a proxy

You've hit on the head Darkimmorital, I think most of the false positives will be when port 80 is used by local iis / apache (I tried my self and found that apache was causing this)

The port test is basically: fsockopen($_SERVER['REMOTE_ADDR'], $port80here, $errno, $errstr, $time)... to weed out those users that use sites as proxies

The header test checks for an occurrence of any of these:

'HTTP_VIA',
'HTTP_X_FORWARDED_FOR',
'HTTP_FORWARDED_FOR',
'HTTP_X_FORWARDED',
'HTTP_FORWARDED',
'HTTP_CLIENT_IP',
'HTTP_FORWARDED_FOR_IP',
'VIA',
'X_FORWARDED_FOR',
'FORWARDED_FOR',
'X_FORWARDED',
'FORWARDED',
'CLIENT_IP',
'FORWARDED_FOR_IP',
'HTTP_PROXY_CONNECTION'

In real life, I'm not sure how frequent forum users will have iis/apache hosting sites locally, but some forums will attract more of these types of users than others...
But to be honest, if a user really wants to go undetected, they can (Adam Howard, what are you using? )

 

[Adam Howard]

But to be honest, if a user really wants to go undetected, they can (Adam Howard, what are you using? )

 

[Dark Sage]

"Proxy header test complete. You are using a proxy, proxy port found:80"
Unless google dns is considered a proxy, I don't use one.

 

[Sador]

Proxy header test complete
You are using a proxy, proxy port found:80

I'm not, though.

 

[tenants]

ok, do either of you have webservers (apache / iis)?

 

[Luke F]

Could be Skype or another app abusing port 80