4 * copyrights by: Daantje Eeltink (me@daantje.nl)
5 * http://www.daantje.nl
7 * first build: Mon Sep 18 21:43:48 CEST 2006
8 * last build: Tue Sep 19 10:37:12 CEST 2006
11 * This class can detect if a visitor uses a proxy server by scanning the
12 * headers returned by the user client. When the user uses a proxy server,
13 * most of the proxy servers alter the header. The header is returned to
14 * PHP in the array $_SERVER.
17 * GPL v2 licence. (http://www.gnu.org/copyleft/gpl.txt)
20 * If you like this class and find it usefull, please donate one or two
21 * coins to my PayPal account me@daantje.nl
24 * Add open proxy black list scan.
27 class proxy_detector {
33 function proxy_detector(){
34 $this->config = array();
38 $this->scan_headers = array(
40 'HTTP_X_FORWARDED_FOR',
45 'HTTP_FORWARDED_FOR_IP',
53 'HTTP_PROXY_CONNECTION'
58 function exists_in_rbl($remote)
59 verify if an host is into a proxy black list or not
61 function exists_in_rbl($remote) {
62 $rbls = array('http.dnsbl.sorbs.net', 'misc.dnsbl.sorbs.net');
63 // $remote = $_SERVER['REMOTE_ADDR'];
64 // $remote = '213.134.170.206';
65 // $remote = '64.34.166.71';
67 if (preg_match("/([0-9]+)\.([0-9]+)\.([0-9]+)\.([0-9]+)/",
69 foreach ($rbls as $rbl) {
70 $rblhost = $matches[4] . "." . $matches[3] . "." .
71 $matches[2] . "." . $matches[1] . "." . $rbl;
73 $resolved = gethostbyname($rblhost);
74 // echo "RBL ".$rblhost."<br>";
75 if ($resolved != $rblhost) {
84 * VOID setHeader( STRING $trigger )
85 * Set new header trigger...
87 function setHeader($trigger){
88 $this->scan_headers[] = $trigger;
93 * ARRAY $triggers = getHeaders( VOID )
94 * Get all triggers in one array
96 function getHeaders(){
97 return $this->scan_headers;
102 * VOID setConfig( STRING $key, STRING $value)
105 function setConfig($key,$value){
106 $this->config[$key] = $value;
111 * MIXED $config = getConfig( [STRING $key] )
112 * Get all config in one array, or only one config value as a string.
114 function getConfig($key=''){
116 return $this->config[$key];
118 return $this->config;
123 * STRING $log = getLog( VOID )
124 * Get last logged information. Only works AFTER calling detect()!
127 return $this->lastLog;
132 * BOOL $proxy = detect( $addr )
133 * Start detection and return TRUE if a proxy server is detected...
135 function detect($addr){
136 GLOBAL $G_proxy_white_list;
139 foreach($G_proxy_white_list as $authproxy) {
140 if ($addr == $authproxy)
144 if ($this->exists_in_rbl($addr) == TRUE)
147 // //scan all headers
148 // foreach($this->scan_headers as $i){
149 // //proxy detected? lets log...
151 // $log.= "trigger $i: ".$_SERVER[$i]."\n";
154 //let's do something...
156 $log = $this->lastLog = date("Y-m-d H:i:s")."\nDetected proxy server: ".gethostbyaddr($addr)." ({$addr})\n".$log;
159 if($this->getConfig('MAIL_ALERT_TO'))
160 mail($this->getConfig('MAIL_ALERT_TO'),"Proxy detected at {$addr}",$log);
163 $f = $this->getConfig('LOG_FILE');
167 fwrite($fp,"$log\n");
170 die("<strong>Fatal Error:</strong> Couldn't write to file: '<strong>$f</strong>'<br>Please check if the path exists and is writable for the webserver or php...");
178 //nope, no proxy was logged...
184 function is_proxy($addr)
186 /* FIXME: test to verify reasons of poor multitasking performances */
190 $proxy = new proxy_detector();
193 if($proxy->detect($addr)) {
194 //returned TRUE, lets die...
195 echo "<br><br><div style=\"text-align:center;\"><h1>Accesso attaverso proxy non consentito.</h1><br><br>";
196 echo "Se state utilizzando un proxy privato e volete che sia autorizzato mandate il suo indirizzo IP (".$addr.") e il suo proprietario all'indirizzo di posta elettronica <a href=\"mailto:brisk@alternativeoutput.it\">brisk@alternativeoutput.it</a><br><br></div>";
199 echo nl2br($proxy->getLog());
202 // echo "<hr><strong>proxy detector v0.1</strong> - ©2006 <a href=\"http://www.daantje.nl\" target=\"_blank\">daantje.nl</a>";
204 //and do nothing anymore! (but not in my example)