You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by sa...@twinix.com on 2008/06/25 15:20:13 UTC
Blocking Proxy Access
See Thread at: http://www.techienuggets.com/Detail?tx=41765 Posted on behalf of a User
Is there anyway to detect that a web user is trying to access my site via an open/anonymous proxy? Other than building a list of open proxy IP addresses and checking against it? This list would be huge and ever changing. There must be an easier way. Sorry if this post is slightly OT.
Thanks
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Blocking Proxy Access
Posted by Peter Crowther <Pe...@melandra.com>.
> From: samk@twinix.com [mailto:samk@twinix.com]
> Is there anyway to detect that a web user is trying to access
> my site via an open/anonymous proxy? Other than building a
> list of open proxy IP addresses and checking against it? This
> list would be huge and ever changing. There must be an easier
> way. Sorry if this post is slightly OT.
Open/anonymous proxies deliberately have signatures that are almost identical to any other proxy, so there's no reliable way of knowing based on features of the request. You need that list. Unless someone else maintains it (and you trust them to correctly classify proxies), you'll have to build it yourself. If someone else maintains it, you may be able to use it.
What on earth is the use case, if you don't mind me asking?
- Peter
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
RE: Blocking Proxy Access
Posted by Charlie Wingate <cw...@valco-data.com>.
Well, it might be possible to design an applet that pulled someone's
public IP (maybe by polling your site directly? Have to make sure not
local IP) then cross that against the request origin into Tomcat; if
they don't match then that could be construed as a Proxy situation. I
am not sure how a proxy would handle an applet making such a request;
that would predicate this working or not.
Charlie
The significant problems we have can not be solved at the same level of
thinking with which we created them. ~Albert Einstein
-----Original Message-----
From: samk@twinix.com [mailto:samk@twinix.com]
Sent: Wednesday, June 25, 2008 9:20 AM
To: users@tomcat.apache.org
Subject: Blocking Proxy Access
Importance: High
See Thread at: http://www.techienuggets.com/Detail?tx=41765 Posted on
behalf of a User
Is there anyway to detect that a web user is trying to access my site
via an open/anonymous proxy? Other than building a list of open proxy IP
addresses and checking against it? This list would be huge and ever
changing. There must be an easier way. Sorry if this post is slightly
OT.
Thanks
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org
************************************************************************
************
This footnote confirms that this email message has been scanned by
PineApp Mail-SeCure for the presence of malicious code, vandals &
computer viruses.
************************************************************************
************
-----------------------------------------------------------
This message is a CONFIDENTIAL communication. If you are not the intended recipient, please do not read, copy, or use it, and do not disclose it to others. Please notify the sender of the delivery error by replying to this message, and then delete it from your system. Thank you.
************************************************************************************
This footnote confirms that this email message has been scanned by
PineApp Mail-SeCure for the presence of malicious code, vandals & computer viruses.
************************************************************************************
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org