Proxy Detection

Standard

How to detect the type of an anonymous proxy server?

 

We may occasionally find ourselves struggling with spam robots acting suspicious on our website. To be anonymous and avoid locking in their IP address, they use new fresh proxies servers.

 

There are 3 main types of proxy server

 

– Transparent proxy: we know that the HTTP request comes from a proxy and you can know about the real address of the visitor.

– Anonymous Proxy: we know that the HTTP request comes from a proxy but we cannot know the actual address of the visitor.

– High anonymous (elite) proxy: Unable to determine the use of a proxy and unable to know the IP address of the visitor. Must See!

 

I noticed that many spam tools use “transparent” proxies (the “transparent proxy” is most common). It therefore suffices to detect this type of proxy to retrieve the actual visitor’s IP address (the IP address is sent in the HTTP header by the X-Forwarded-For). In this way it is possible to enforce a ban of access to the site’s IP address.

 

Automatic proxy detection

 

The automatic new fresh proxies detection is the process by which a Web proxy server is identified by the system and used to send requests from the client. This is also called the Web Proxy Auto-Discovery (WPAD, Web Proxy Auto-Discovery). When this feature is enabled, the system attempts to locate a proxy configuration script which is responsible for returning the set of proxies that can be used for the request. If this script is found, it is downloaded, compiled, and executed on the local computer when obtaining information on the proxy, the request flow or the response to an application that uses a Web Proxy instance.

The automatic new fresh proxies detection is performed by the Web Proxy class and can use the parameters of the level of demand, the parameters of configuration files and parameters specified using the Settings dialog box on the LAN of Internet Explorer.