[2.0.18] Block Open Proxy Registrants

All new MODs released in our MOD Database will be announced in here. All support for released MODs needs to take place in here. No new MODs will be accepted into the MOD Database for phpBB2
Forum rules
READ: phpBB.com Board-Wide Rules and Regulations

On February 1, 2009 this forum will be set to read only as part of retiring of phpBB2.
Post Reply

Rating:

Excellent!
50
63%
Very Good
11
14%
Good
8
10%
Fair
1
1%
Poor
9
11%
 
Total votes: 79

Extensions Robot
Extensions Robot
Extensions Robot
Posts: 29216
Joined: Sat Aug 16, 2003 7:36 am

[2.0.18] Block Open Proxy Registrants

Post by Extensions Robot »

MOD Name: Block Open Proxy Registrants
Author: TerraFrost
MOD Description: Blocks those attempting to register from open proxies.


MOD Version: 2.2.1 (Updated 12/22/05)

Download File: proxy-2.2.1.zip
mods overview page: View
File Size: 44174 Bytes

Security Score: 0

Support for this MOD needs to be asked within this topic. The phpBB Teams are not responsible or required to give anyone support for this MOD. By installing this MOD, the phpBB Support Team or phpBB MODifications Team may not be able to provide support.

This MOD has only been tested by the phpBB MOD Team with the phpBB version in the topic title. It may not work in any other versions of phpBB.
Last edited by Extensions Robot on Mon Apr 30, 2007 12:30 am, edited 1 time in total.
(this is a non-active account manager for the phpBB Extension Customisations Team)
wGEric
Former Team Member
Posts: 8805
Joined: Sun Oct 13, 2002 3:01 am
Location: Friday
Name: Eric Faerber
Contact:

Post by wGEric »

MOD Validated/Released

Notes:
This MOD makes it so that people who are using open proxies can't register at your forums. This makes it so that the users can't evade an IP ban or hide behind an IP that isn't really the users. Most users that use open proxies have something to hide.
Last edited by wGEric on Wed Jan 05, 2005 1:39 am, edited 1 time in total.
Eric
User avatar
onigumo
Registered User
Posts: 1755
Joined: Fri Oct 31, 2003 2:32 am
Contact:

Post by onigumo »

How many people use open proxy, though? Could it be a default option on many people's computers?
I write articles on community building
@ The Infinity Program.
TerraFrost
Former Team Member
Posts: 5957
Joined: Sun Dec 26, 2004 3:40 am
Location: Austin, TX

Post by TerraFrost »

in my experience, the only people who use open proxies are those who have something to hide (and most people don't).

as far as people having it as a default option - i can't say why anyone would have it as a default option. there are plenty of legitimate reasons for closed proxies on lans - namely, speed improvements - but open proxies - proxies that anyone can use for whatever purpose suits them - really don't have those same benifits.
User avatar
onigumo
Registered User
Posts: 1755
Joined: Fri Oct 31, 2003 2:32 am
Contact:

Post by onigumo »

How likely is it, though, that someone might happen to have open proxy enabled by default if he or she is using DSL? I believe I might have open proxy because, when I installed this MOD (the unreleased version) and logged out then tried to register, I was denied.
I write articles on community building
@ The Infinity Program.
TerraFrost
Former Team Member
Posts: 5957
Joined: Sun Dec 26, 2004 3:40 am
Location: Austin, TX

Post by TerraFrost »

not that i have DSL (i have cable), but i don't believe it's very likely. the thing is - if you're computer is set up as an open proxy, you can get in trouble for things you didn't do. for example, if someone wanted to "hack" a phpbb, they could send a http request that uses phpbb's highlight bug from <2.0.11 through your ip address. when the admin of the phpbb that was hacked discovers this, they may look through their logs, find your ip address, and contact *your* isp for something that *you* didn't do.

do you want that kind of liability? should webmaster's want members with that kind of liability?

anyway, what's more likely is that you're infected by a virus that has turned you into an open proxy (at which point, you should run a virus scan with the latest updates). alternatively, it's possible that you, yourself, might have used an open proxy in the past, and didn't remove it from the configuration.
User avatar
onigumo
Registered User
Posts: 1755
Joined: Fri Oct 31, 2003 2:32 am
Contact:

Post by onigumo »

Is the instructions located within the install-config text file an add-on for the install text file located within the proxy-modern folder, or is it a stand-alone?
I write articles on community building
@ The Infinity Program.
TerraFrost
Former Team Member
Posts: 5957
Joined: Sun Dec 26, 2004 3:40 am
Location: Austin, TX

Post by TerraFrost »

yup - it's an add-on.
User avatar
onigumo
Registered User
Posts: 1755
Joined: Fri Oct 31, 2003 2:32 am
Contact:

Post by onigumo »

Thank you for the clarification as well as the replies to my previous posts.
I write articles on community building
@ The Infinity Program.
User avatar
onigumo
Registered User
Posts: 1755
Joined: Fri Oct 31, 2003 2:32 am
Contact:

Post by onigumo »

How do I know it's working? Can I get it tested somehow? I have implemented it and didn't find any problems when testing registration.
I write articles on community building
@ The Infinity Program.
User avatar
onigumo
Registered User
Posts: 1755
Joined: Fri Oct 31, 2003 2:32 am
Contact:

Post by onigumo »

The following is an excerpt from install-config instructions text file:

Code: Select all

#-----[ FIND ]------------------------------------------
# this is a partial match
#
	$port=hexdec(substr($userdata['session_proxy'],2));

#
#-----[ AFTER, ADD ]------------------------------------
#
	if ( $board_config['proxy_debug'] )
	{
		$lang['proxy'] = 'Cached Rejection.<br />'.$lang['proxy'];
	}
So, would it be okay to add the code that I'm told to add aftter directly after the code shown below [ FIND ]? In other words, can I do this:

Code: Select all

	$port=hexdec(substr($userdata['session_proxy'],2));
	if ( $board_config['proxy_debug'] )
	{
		$lang['proxy'] = 'Cached Rejection.<br />'.$lang['proxy'];
	}
I write articles on community building
@ The Infinity Program.
TerraFrost
Former Team Member
Posts: 5957
Joined: Sun Dec 26, 2004 3:40 am
Location: Austin, TX

Post by TerraFrost »

How do I know it's working? Can I get it tested somehow? I have implemented it and didn't find any problems when testing registration.

you can try accessing the registration page through an open proxy. here are some:

http://www.stayinvisible.com/index.pl/proxy_list

to configure internet explorer to use a proxy, you'll need to follow the instructions as given here:

http://support.microsoft.com/?kbid=135982
So, would it be okay to add the code that I'm told to add aftter directly after the code shown below [ FIND ]? In other words, can I do this:

that code looks okay. what would the alternative to it be?
deny
Registered User
Posts: 565
Joined: Wed May 14, 2003 9:14 am
Contact:

Post by deny »

TerraFrost wrote: in my experience, the only people who use open proxies are those who have something to hide (and most people don't).

as far as people having it as a default option - i can't say why anyone would have it as a default option. there are plenty of legitimate reasons for closed proxies on lans - namely, speed improvements - but open proxies - proxies that anyone can use for whatever purpose suits them - really don't have those same benifits.


I do not agree with you TerraFrost.Correct me if i'm wrong but i think that
you try to present user of proxy as suspicious people with "those who have something to hide".
The people want sometime proxy just to increase their privacy and protect themselves from prying eyes
Proxy servers can be used in short line:
  • - to increase the effective speed of your connection to the Internet
    - hidding ip from unscrupulous hackers
    - can help users from certain countries or geographic regions
    to bypass restriction
    - help you from site that save your visits on basis from your ip and used later to gather some personal information about you.
But there are many other possibility including negative side of people who use proxy.But so is almost everything in life.Have both side positive and negative :wink:
TerraFrost
Former Team Member
Posts: 5957
Joined: Sun Dec 26, 2004 3:40 am
Location: Austin, TX

Post by TerraFrost »

i was wondering if you'd post in this thread! :)

to address your points (and correct me if i'm wrong, too, heh)...
- to increase the effective speed of your connection to the Internet

i think that's only true when they're on a lan. if you're using a random proxy you find off some site (like the above site i linked too) the bottleneck in your connection is, in all likelyhood, gonna be the proxy server, itself.

also, if you have an open proxy server running on your lan, then your connection to the internet may very well be slower than it would have otherwise been, because any number of people not on your lan may also be downloading / uploading through the proxy.
- hidding ip from unscrupulous hackers

that can certainly be a valid reason to use a proxy, however, i think that that's only really useful on a per-website basis. i mean, giving your ip address to google, for example, probably doesn't make you any more likely to be hacked than you would have otherwise been. ultimately, i think the biggest exposure your ip address is likely to have is on usenet postings on websites that don't make it available in plain view.
- can help users from certain countries or geographic regions
to bypass restriction

that's a good point that i hadn't considered. however, as with the previous point, i think it's only really useful on a per-site basis.

i don't entirely understand what you mean with the last point.

anyway, for those wanting really in depth discussions of proxies and their uses, be they good or bad, deny actually runs a website dedicated to 'em (i hope he doesn't mind me giving the url, heh):

http://www.proxyblind.org/

that, and www.proxyelite.org, are the only websites i know of that one can find a really thorough discussion of proxies.
User avatar
onigumo
Registered User
Posts: 1755
Joined: Fri Oct 31, 2003 2:32 am
Contact:

Post by onigumo »

TerraFrost wrote: you can try accessing the registration page through an open proxy. here are some:

http://www.stayinvisible.com/index.pl/proxy_list


How do I use those IPs to access the registration page?
TerraFrost wrote: to configure internet explorer to use a proxy, you'll need to follow the instructions as given here:

http://support.microsoft.com/?kbid=135982


How about Firefox?
TerraFrost wrote: that code looks okay. what would the alternative to it be?


Down a little more. ^^
I write articles on community building
@ The Infinity Program.
Post Reply

Return to “[2.0.x] MOD Database Releases”