
Block requests from open proxies


GunnarH

8:14 pm on May 9, 2009 (gmt 0)


I wrote a Perl module that can be used to block HTTP requests from open proxies. The intended purpose is to prevent bogus form submissions.

Before the request is further processed, the module grabs REMOTE_ADDR and does the following:

  • Takes a few ports that are commonly used by open proxies and lets Nmap [nmap.org] determine which of those ports are open at REMOTE_ADDR.
  • Attempts to use each of the open ports as a proxy, and if any of those requests succeeds, sends a 403 error and exits.

Once the module has been configured and installed, and assuming that Perl is the programming language, all I need to do is insert these two lines at the beginning of the form processing script:


use HTTP::ProxyTest;
proxytest();

I would appreciate your comments on this approach to deal with bogus form submissions from open proxies.

[edited by: phranque at 5:25 am (utc) on May 11, 2009]
[edit reason] personal url. See TOS [webmasterworld.com] [/edit]
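The check the post describes, written out as an added Python example; this is not the HTTP::ProxyTest module's code. The port list, the probe URL and the token are assumptions, and a plain TCP connect stands in for the Nmap step. The probe fetches a page under our own control and looks for a known token in the body, so a web server on port 80 that answers an absolute-URL GET with its own default page is not mistaken for a proxy.

```python
import socket
from urllib.parse import urlparse

# Ports treated as "commonly used by open HTTP proxies" (a constructed list, not the module's).
PROXY_PORTS = (80, 3128, 8000, 8080, 8888)

def open_ports(host, ports=PROXY_PORTS, timeout=1.0):
    """Return the ports that accept a TCP connection at host (stands in for the Nmap step)."""
    found = []
    for port in ports:
        try:
            with socket.create_connection((host, port), timeout=timeout):
                found.append(port)
        except OSError:
            pass
    return found

def probe_request(probe_url):
    """Build the proxy-style GET (absolute URL in the request line) sent to each open port."""
    return (f"GET {probe_url} HTTP/1.0\r\nHost: {urlparse(probe_url).netloc}\r\n"
            "Connection: close\r\n\r\n").encode()

def relayed_ok(response, token):
    """True only for a 200 reply whose body carries our token, i.e. the request was really
    relayed to our probe page rather than answered by whatever listens on that port."""
    head, _, body = response.partition(b"\r\n\r\n")
    parts = head.split(b" ", 2)
    return parts[0].startswith(b"HTTP/") and parts[1:2] == [b"200"] and token in body

def is_open_proxy(remote_addr, probe_url, token, timeout=3.0):
    """Try each open port at remote_addr as a proxy for probe_url; True if any relays it."""
    for port in open_ports(remote_addr):
        try:
            with socket.create_connection((remote_addr, port), timeout=timeout) as s:
                s.sendall(probe_request(probe_url))
                response = b""
                while len(response) < 65536:  # cap what we read from an untrusted host
                    chunk = s.recv(4096)
                    if not chunk:
                        break
                    response += chunk
        except OSError:
            continue
        if relayed_ok(response, token):
            return True
    return False
```

In a CGI form handler this is called first with `os.environ["REMOTE_ADDR"]`, a hypothetical probe URL such as `http://example.com/proxycheck.txt` and the token that page contains; when it returns True the handler emits a `Status: 403 Forbidden` header and exits, as the two-line Perl call above does.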

function7

8:41 pm on May 9, 2009 (gmt 0)


Would this prevent users from visiting my website through web proxy sites like those found on proxy.org? It seems that since this script depends on port numbers, which are somewhat arbitrary, this might not work for such a purpose.

GunnarH

9:44 pm on May 9, 2009 (gmt 0)


I'm not familiar with proxy.org, but I suppose it would stop such requests as well. Note, though, that it does not stop them from visiting your whole site; only those scripts you choose.

Detecting open proxies involves port scanning; AFAIK there is no other way. You are right that ports used for bad things are arbitrary. I picked some port numbers that seem to be often used for open HTTP proxies, but yes, a request from a proxy on some other port won't be caught. That's one reason why I asked for comments on the approach.

Besides that, I can assure you that it works. :)

[edited by: GunnarH at 10:19 pm (utc) on May 9, 2009]