4

I am making a social site where users can post content and the content has views. Whenever a user from a different IP address views the content, the view count is incremented; multiple requests coming from the same IP address do not count. However lately someone is iterating though a list of proxies or something and artificially increasing the view counts. How can I prevent this? Is there something I can do by checking headers or something? Thanks.

flowers
  • 163
  • 1
  • 1
  • 9
  • It's sometimes impossible. http://stackoverflow.com/questions/858357/detect-clients-with-proxy-servers-via-php – darksky Jul 28 '12 at 01:28

2 Answers2

2

The best way to do it is pattern-recognition, since most proxies won't tell you that they are a proxy: if you see certain spikes of traffic, flag them and don't add them to the hitcount.

Alternatively, if (s)he's using the same proxies over and over again, just blacklist those IP addresses. You could also try to detect proxies by using some sort of API proxy list service or checking for listening proxy servers.

Lusitanian
  • 11,012
  • 1
  • 41
  • 38
1

there is some solutions but let us explain the problem

1- public proxies

public proxies always send special header (HTTP_X_FORWARDED_FOR) to your server contain the user real IP you can query it 

$remoteaddr =$_SERVER["REMOTE_ADDR"]; //proxy IP
$xforward = $_SERVER["HTTP_X_FORWARDED_FOR"]; //Real User IP

2- proxies protect users real ip

such proxies protect their users by don't send the real user ip , you can't protect your self against this proxies , all you can do is to get updated list for this proxies and ban it , any way most of this proxies is payed not free proxies so not all spam users uses it

3- bots and bad ips

there is public lists for the bots and updated http://www.projecthoneypot.org , and there is php implementation for it https://github.com/joshtronic/php-projecthoneypot

4- Tor Network

you can detect Tor network by query for the requested ip in TorNodes Example Request

https://check.torproject.org/cgi-bin/TorBulkExitList.py?ip=1.1.1.1&port=80

note: 1.1.1.1 is your server ip and port is your port and the request reply with list of Tor Nodes that can connect to that ip via that port

thats what in my head right now , i hope thats answered your question

Eslam Salem Mahmoud
  • 1,234
  • 9
  • 5