i have several users who like to cause a lot of trouble. they boast that they can't be banned because they use proxy servers. well you can ban their true IP but once u do that, they use proxy's. there is a hack that will allow u to detect the proxy server and will even tell u their true IP. could someone modify this hack to make it an option in the admin cp that you can disallow anyone using a proxy? i would be most appreciative and so would several other people i know who have the same problem. thanks!

This is NOT tested:

edit functions.php, find:

$ipaddress=$HTTP_SERVER_VARS['REMOTE_ADDR'];


After that add:
if (getenv("HTTP_FORWARDED")!="") {
$proxyip=getenv("HTTP_FORWARDED");
} elseif (getenv("HTTP_X_FORWARDED_FOR")!="") {
$proxyip=getenv("HTTP_X_FORWARDED_FOR");
} elseif (getenv("HTTP_CLIENT_IP")!="") {
$proxyip=getenv("HTTP_CLIENT_IP");
} else {
$proxyip="";
}



find

if (strstr(" ".$ipaddress," ".trim($val))!="") {
eval("standarderror(\"".gettemplate("error_banip")."\");");
}


After that add:

if ($proxyip AND strstr(" ".$proxyip," ".trim($val))!="") {
eval("standarderror(\"".gettemplate("error_banip")."\");");
}


What it does is this: It checks if user has a proxy user and if yes it not only matchs his proxy IP but also real IP for banned IPs and if either one matches, he is banned.

However please notice that not every proxy server sends the real IP to your site so your users might have a point while saying you can not get their real IP anyway if they are using such a proxy server.

Again I didn't test the hack myself..

this will help a lot but i would prefer if i could make it that the board banned all proxys from registered users but allowed proxys by admins (i use a proxy at work). is that possible? thanks.

edit global.php, find:

checkipban();

Before that add:

if (getenv("HTTP_FORWARDED")!="") {
$proxyip=getenv("HTTP_FORWARDED");
} elseif (getenv("HTTP_X_FORWARDED_FOR")!="") {
$proxyip=getenv("HTTP_X_FORWARDED_FOR");
} elseif (getenv("HTTP_CLIENT_IP")!="") {
$proxyip=getenv("HTTP_CLIENT_IP");
} else {
$proxyip="";
}
if ($proxyip AND $bbuserinfo[usergroupid]!=6) { eval("standarderror(\"".gettemplate("error_banip")."\");");exit;}

i think it works. both codes work. i had someone w/ a proxy test it and it seems to show that the server is busy?? i'll post a SS of the error soon. if i want to allow mod level people or possibly create a user group that i allow proxys, how would that look? i think if someone could make this nice and clean to go along w/ the existing proxy hack, and make it an option in the admin cp, a lot of people who get trouble makers on their forums will be very happy!! thanks.

here is the error.

nope it's suppose to display "error_banip" template, this error does not seem related

It would affect alot of users including NTL and freeserve which are quite big in the UK who use transparent proxies and then add HTTP_CLIENT_IP to pass the real IP.

Originally posted by PPN
It would affect alot of users including NTL and freeserve which are quite big in the UK who use transparent proxies and then add HTTP_CLIENT_IP to pass the real IP.

its been working for most, no one has gotten that error however there have been a few people who have been banned who say they aren't on proxys, why would that be?

@BlackDeath - I know you may have trouble with Proxies, but people like myself, are forced to use a Proxy to access the internet...

Our home network will only issue an Internet connection if you have the Proxy settings setup...

You should consider all sides before totally banning;)

Satan

Originally posted by hellsatan
@BlackDeath - I know you may have trouble with Proxies, but people like myself, are forced to use a Proxy to access the internet...

Our home network will only issue an Internet connection if you have the Proxy settings setup...

You should consider all sides before totally banning;)

Satan

im aware of that, thats why i requested that someone make it an option in the admin cp to allow a certain user group. i would like to create a usergroup of people w/ proxys that i want to allow in and i can edit the banip template to say that if they are using a proxy to contact me so they can get access. if i can make it an opiton in the cp, that would make it easier for my mods to manage. as it is now, i have to allow it in the code. thanks.

Oh ok...

Serves me right for Skim-reading:p

Satan

Originally posted by BlackDeath


im aware of that, thats why i requested that someone make it an option in the admin cp to allow a certain user group. i would like to create a usergroup of people w/ proxys that i want to allow in and i can edit the banip template to say that if they are using a proxy to contact me so they can get access. if i can make it an opiton in the cp, that would make it easier for my mods to manage. as it is now, i have to allow it in the code. thanks.
If you replace line:
if ($proxyip AND $bbuserinfo[usergroupid]!=6) { eval("standarderror(\"".gettemplate("error_banip")."\");");exit;}

As:
if ($proxyip AND $bbuserinfo[usergroupid]==2) { eval("standarderror(\"".gettemplate("error_banip")."\");");exit;}

The hack will apply only to registered members and all other usergroups will be exempt..

Originally posted by Logician

If you replace line:
if ($proxyip AND $bbuserinfo[usergroupid]!=6) { eval("standarderror(\"".gettemplate("error_banip")."\");");exit;}

As:
if ($proxyip AND $bbuserinfo[usergroupid]==2) { eval("standarderror(\"".gettemplate("error_banip")."\");");exit;}

The hack will apply only to registered members and all other usergroups will be exempt..

should this,

if ($proxyip AND $bbuserinfo[usergroupid]==2) { eval("standarderror(\"".gettemplate("error_banip")."\");");exit;}


be actually this:

if ($proxyip AND $bbuserinfo[usergroupid]!=2) { eval("standarderror(\"".gettemplate("error_banip")."\");");exit;}

u have two "=" signs in there instead of "!="?? i dont' know much about vbb code but im good at seeing patterns. :banana:

good point but my code is correct.. ;)

In the first code while it was != it meant, if user uses proxy and IS NOT an admin. Now when it is == it means, if user uses proxy and he IS a registered member.

cool thanks. yeah i figured it out on my own cause it didn't work the way i thought it should be. thanks.

can u tell me what that code would look like if i had it affect more than 1 user group?

Originally posted by BlackDeath
can u tell me what that code would look like if i had it affect more than 1 user group?
if ($proxyip AND ($bbuserinfo[usergroupid]==2 OR $bbuserinfo[usergroupid]==X)) { eval("standarderror(\"".gettemplate("error_banip")."\");");exit;}

Has anyone got this working for 2.3.0?
I tried this last night. Just the very first part of the hack code and immeadiately got an error from it.