Hello,

I am currently writing a script that will be integrated into our ordering system to detect if the person ordering is using a proxy. To be the most robust, I would like to include as many ways to determine proxies as possible. Currently, I have thought of the following:

Check ports 8080, 5080, 1080, 8008 at the IP address trying to signup. (And any other commonly used ports for proxies).

Keep a blacklist of commonly used proxy IP's (for example paid proxy services or if there are any free ones left)

Those are the only two ways I have found to determine if someone is using a proxy. So.. do any of you guys know of other ways to do this, or have any suggestions regarding the two ways I listed above?

It will be much appreciated, and I will share the script with everyone here when it is finished!

Thanks!

that is going to be hard to maintain if you are going to track them per IP, there are so many open proxies, you would be constantly running after them


What about blocking legitimate people who use corporate proxies?

you could look for the X-Forwarded-For header as well

and just to add, there's ISP's that force their client to use a proxy as well, like mine does. They have outgoing HTTP ports blocked so it's either using their proxy or no web browsing.

This is more for informational purposes than to actually not accept the order. Ie... We are setting up instant activation... if a proxy is used, we will not instantly activate the account, but will still consider accepting the order if all of the other information can be manually verified.

CareBear - thanks for the suggestion, I will look into that! I knew some ISP's forced customers to use their proxy, but was under the impression that this was a pretty low percentage... are you using a local ISP, or a larger one?

Perhaps after I've written the script I will have to collect some data on the percentage of people using proxies on the internet...

Anyone know a rough estimate off the top of their head? If it is large there is no sense in even writing the script....

Hmm... just found some stats out of 1997 that shows proxy usage at about 30% of internet users and growing at 5-6% per year (studied over 4 years)... I'm starting to think whether an order comes from a proxy or not is a pointless piece of information.

CareBear - thanks for the suggestion, I will look into that! I knew some ISP's forced customers to use their proxy, but was under the impression that this was a pretty low percentage... are you using a local ISP, or a larger one?It's a semi national cable ISP. A rough estimate would be that about 1/3 to 1/4 of the people online here are 'stuck' with them.
Most as far as I know leave it open as an option but mine claims they need the bandwith it saves them but to me blocking outgoing port 80 for customers is just plain annoying since not every piece of software was made with that in mind.

I'm starting to think whether an order comes from a proxy or not is a pointless piece of information.I guess it all depends on the kind of proxy, an anonymizer is something different then a normal one that's kind enough to tell you which IP it's forwarding requests for through the X-Forward-To HTTP header.