4 * copyrights by: Daantje Eeltink (me@daantje.nl)
5 * http://www.daantje.nl
7 * first build: Mon Sep 18 21:43:48 CEST 2006
8 * last build: Tue Sep 19 10:37:12 CEST 2006
11 * This class can detect if a visitor uses a proxy server by scanning the
12 * headers returned by the user client. When the user uses a proxy server,
13 * most of the proxy servers alter the header. The header is returned to
14 * PHP in the array $_SERVER.
17 * GPL v2 licence. (http://www.gnu.org/copyleft/gpl.txt)
20 * If you like this class and find it usefull, please donate one or two
21 * coins to my PayPal account me@daantje.nl
24 * Add open proxy black list scan.
27 class proxy_detector {
33 function proxy_detector(){
34 $this->config = array();
38 $this->scan_headers = array(
40 'HTTP_X_FORWARDED_FOR',
45 'HTTP_FORWARDED_FOR_IP',
53 'HTTP_PROXY_CONNECTION'
57 function exists_in_rbl($remote) {
58 $rbls = array('http.dnsbl.sorbs.net', 'misc.dnsbl.sorbs.net');
59 // $remote = $_SERVER['REMOTE_ADDR'];
60 // $remote = '213.134.170.206';
61 // $remote = '64.34.166.71';
63 if (preg_match("/([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)/",
65 foreach ($rbls as $rbl) {
66 $rblhost = $matches[4] . "." . $matches[3] . "." .
67 $matches[2] . "." . $matches[1] . "." . $rbl;
69 $resolved = gethostbyname($rblhost);
70 // echo "RBL ".$rblhost."<br>";
71 if ($resolved != $rblhost) {
80 * VOID setHeader( STRING $trigger )
81 * Set new header trigger...
83 function setHeader($trigger){
84 $this->scan_headers[] = $trigger;
89 * ARRAY $triggers = getHeaders( VOID )
90 * Get all triggers in one array
92 function getHeaders(){
93 return $this->scan_headers;
98 * VOID setConfig( STRING $key, STRING $value)
101 function setConfig($key,$value){
102 $this->config[$key] = $value;
107 * MIXED $config = getConfig( [STRING $key] )
108 * Get all config in one array, or only one config value as a string.
110 function getConfig($key=''){
112 return $this->config[$key];
114 return $this->config;
119 * STRING $log = getLog( VOID )
120 * Get last logged information. Only works AFTER calling detect()!
123 return $this->lastLog;
128 * BOOL $proxy = detect( VOID )
129 * Start detection and return true if a proxy server is detected...
135 if ($this->exists_in_rbl($_SERVER['REMOTE_ADDR']) == TRUE)
139 foreach($this->scan_headers as $i){
140 //proxy detected? lets log...
142 $log.= "trigger $i: ".$_SERVER[$i]."\n";
145 //let's do something...
147 $log = $this->lastLog = date("Y-m-d H:i:s")."\nDetected proxy server: ".gethostbyaddr($_SERVER['REMOTE_ADDR'])." ({$_SERVER['REMOTE_ADDR']})\n".$log;
150 if($this->getConfig('MAIL_ALERT_TO'))
151 mail($this->getConfig('MAIL_ALERT_TO'),"Proxy detected at {$_SERVER['REQUEST_URI']}",$log);
154 $f = $this->getConfig('LOG_FILE');
158 fwrite($fp,"$log\n");
161 die("<strong>Fatal Error:</strong> Couldn't write to file: '<strong>$f</strong>'<br>Please check if the path exists and is writable for the webserver or php...");
169 //nope, no proxy was logged...
177 $proxy = new proxy_detector();
180 if(!$proxy->detect()) {
181 //returned true, lets die...
182 echo "<br><br><div style=\"text-align:center;\"><h1>Proxy detected</h1><br><br>";
183 echo "Please disable your proxy server in your browser preferences or internet settings, and try again.<br><br></div>";
186 echo nl2br($proxy->getLog());
189 // echo "<hr><strong>proxy detector v0.1</strong> - ©2006 <a href=\"http://www.daantje.nl\" target=\"_blank\">daantje.nl</a>";
191 //and do nothing anymore! (but not in my example)