• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

Proxy Detection

James

Well-known member
#1
OK, so there's not much we can do about proxies these days but there are certain (slightly useless) things we can do such as HTTP_X_FORWARDED_FOR and checking if the referrer is from a proxy URL...

Does XF utilise these things to detect proxy servers, or did they decide proxies aren't such a bad thing after all? ;)
 

James

Well-known member
#3
I find proxy detection to be efficient. Even if nothing is actually done about it, just make it visible.

"THIS USER IS BROWSING VIA A PROXY" kinda thing. I get sick of banning duplicate accounts because of ban evaders.
 

Caliburn

Well-known member
#4
I find proxy detection to be efficient. Even if nothing is actually done about it, just make it visible.

"THIS USER IS BROWSING VIA A PROXY" kinda thing. I get sick of banning duplicate accounts because of ban evaders.
For the record, I use a Proxy on certain forums to mask my identity and not for ban evasion. I think Proxy's are a great thing. Just want to throw this into the topic.
 

James

Well-known member
#5
For the record, I use a Proxy on certain forums to mask my identity and not for ban evasion. I think Proxy's are a great thing. Just want to throw this into the topic.
They are generally, but when you get people using them for the wrong reasons then it becomes a problem.
 

James

Well-known member
#7
I find just identifying the proxy accounts would be sufficient. Displaying a notice or something. Forums that allow them can disable it or just do nothing.
 

Caliburn

Well-known member
#8
I find just identifying the proxy accounts would be sufficient. Displaying a notice or something. Forums that allow them can disable it or just do nothing.
I don't think there is any forum software out there right now that does what you're asking. At least, none of the major ones. Something like this, in my opinion, would be better left for a modification.
 

James

Well-known member
#9
Just because it doesn't do it, doesn't mean it's not a good idea :p We can't efficiently block them, but we can block basic ones using HTTP_X_FORWARDED_FOR and checking referrers.
 

Caliburn

Well-known member
#10
Just because it doesn't do it, doesn't mean it's not a good idea :p We can't efficiently block them, but we can block basic ones using HTTP_X_FORWARDED_FOR and checking referrers.
You do realize that almost anybody savvy enough to understand what a Proxy is and how to properly use one also knows how easily they can simply call their ISP and have their IP address changed which would in turn nullify any potential benefit of this?
 

James

Well-known member
#11
You do realize that almost anybody savvy enough to understand what a Proxy is and how to properly use one also knows how easily they can simply call their ISP and have their IP address changed which would in turn nullify any potential benefit of this?
Yes, but we also can't assume that everyone is tech-savvy. A lot of kids in schools use a proxy to bypass their school filters, a lot of them have no idea how it works and just ask for a simple solution to a problem.

We shouldn't assume that everyone is tech-savvy. If we did, why would we spend so much time on our products making them user-friendly to the newest of internet users? 
 

Caliburn

Well-known member
#12
Yes, but we also can't assume that everyone is tech-savvy. A lot of kids in schools use a proxy to bypass their school filters, a lot of them have no idea how it works and just ask for a simple solution to a problem.

We shouldn't assume that everyone is tech-savvy. If we did, why would we spend so much time on our products making them user-friendly to the newest of internet users?
10 years ago, I may have agreed with this. With today's high tech world though, I can't. The children today are too wired and too immersed in technology. A simple google search for 'ban evasion' brings up detailed how-to methods as well.
 

James

Well-known member
#13
Indeed, but this added piece of code prevents the use of the crap proxies, basically.
A lot of our youngsters are indeed becoming more immersed in technology as technology advances, but that doesn't mean we can't add prevention methods for 'just in case' measures.

We do a lot of things in life that can be easily bypassed, but we still do them. You mentioned earlier that IPs can be changed so easily by ringing the ISP, but we still identify users by their IP address to an extent.
 

feldon30

Well-known member
#14
Does it add any overhead to do the various lookups, etc.?

I could see an icon under Who's Online for each user who is detected as being from a proxy. That should be enough if you are on the prowl for ban evaders.
 
#15
OK, so there's not much we can do about proxies these days but there are certain (slightly useless) things we can do such as HTTP_X_FORWARDED_FOR and checking if the referrer is from a proxy URL...

Does XF utilise these things to detect proxy servers, or did they decide proxies aren't such a bad thing after all? ;)
I like it