Detecting proxies and denying their access.

[minhtam2448]

Hi. I've been running a little contest using a nomination form, and so far, I am suspecting someone is using a proxy to try to multi-vote. Generally, the only method I know of trying to avoid this is to ban an array of IPs, which isn't really a good idea as some innocents may be affected.

Knowing how proxies work, I know that I can't really eradicate this problem, but only suppress it. Is there a way to detect proxies and denying them access through the CGI script?

 

[travs69]

You should probably just make people sign up to vote.
Good proxies can completely hide themselves.

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Travis - Those who say it cannot be done are usually interrupted by someone else doing it; Give the wrong symptoms, get the wrong solutions;

 

[minhtam2448]

Ah, yeah, I know that much. Good proxies are really good. Kind of why the NBA All-Star ballot has millions of votes. I just want to know if there was anyway to detect and deny proxy access through a CGI script. Of course, I just want to get rid of the basic general proxies, such as AOL ones or something like that.

 

[Kirsle]

You can check the environment variable $ENV{X_FORWARDING_FOR}, as some proxies will send that and it'd contain the IP address of the person using the proxy (whereas the usual $ENV{REMOTE_ADDR} would just get the proxy IP). If X_FORWARDING_FOR exists, they're using a proxy.

-------------
Cuvou.com | My personal homepage
Project Fearless | My web blog