Test: Proxy prevention

Basti

Administrator
Staff member
Ok guys i want to test out a simple method to stop a few, yes just a few, as you cant block every proxy. Especially with a htaccess or php method which checks the headers, its almost impossible to block as most fake/remove the needed headers.
This method will work out for proxies not running javascript by default and a few older ones where this method will break their url in the browser.
It is to point out that, if you dont have problems with proxy cheating, skip this. As you will kill legitimate proxy voters.

What we will do is kill the html link to vote on the gateway ( so yes, gateway is required ) and append it again using javascript. Ive tested out a few proxies but more input would be useful to see how many are actually affected with this method

So lets start, open up gateway.html

search for this code ( this is how it looks like in parabolas default file ), if you dont find this code, please let me know how yours look like so you do it correctly.
Code:
jQuery(document).ready(function(){
    jQuery(".visio_button").hover(function(){jQuery(this).stop().animate({opacity:0.8},250)},
    function(){jQuery(this).stop().animate({opacity:1.0},250)})
    });
Change it to this
Code:
jQuery(document).ready(function(){
    jQuery(".visio_button").hover(function(){
        jQuery(this).stop().animate({opacity:0.8},250);
    },
    function(){
        jQuery(this).stop().animate({opacity:1.0},250);
    });
 
    var countdown = 5;
    var vote = $('#vote span');
    function doVote() {
        var link = '{$list_url}/index.php?a=in&u={$username}&sid={$sid}';
 
        if (countdown > 0){
            $('#vote span').html('Please wait '+countdown);
            window.setTimeout(function() {
                doVote();
            }, 1000);
 
            countdown--;
        }
        else {
            $('#vote').attr('href', ($('#mc_user').val()) ? link + "&mc_user=" + $('#mc_user').val() : link);
            $('#vote span').html('{$lng->gateway_vote}');
        }           
    }
    doVote();
 
});
Ive included also a simple countdown the user needs to wait until he can click vote. If you do not need it, simply change the countdown base value to zero ( 0 )
Code:
var countdown = 5;
Next up, find this
Code:
<a href="{$list_url}/index.php?a=in&amp;u={$username}&amp;sid={$sid}" class="visio_button large_button green" target=""><span>{$lng->gateway_vote}</span></a>
Change to
Code:
<a href="#" class="visio_button large_button green" id="vote" target=""><span>{$lng->gateway_vote}</span></a>
Thats it. Ofcourse if the user is clever enough he might break it. But i find this pretty useful to block at least a few of them
 

cajkan

Active Member
Very good Basti.

I have 1 question -
What if users / visitors dont realise that we use this kind of cheat protection, and they gonna complain that our website dont work as it should.
Is there any chance real votes get stuck in this?
 

Basti

Administrator
Staff member
yes there is chance that legitimate visitors are catched with it. There is only block proxy(some) or dont block. Thats why i said if your certain all is ok on ur list dont do it
 

panzerdude

Member
Thank you Basti,

I've just make the edits and tested it on 10 proxy sites that I know work with other top sites and with these edits it stopped the proxy votes from counting on my site.

I am going to definitely going to be using this.

BTW is there any advantage using var countdown = 5; like for automated vote bots or anything, do you recommend using this option?
 

Basti

Administrator
Staff member
That sounds good :)
No the visual countdown was simply a request i had by a VL user ( for who i did this ), so i thought to include it for anyone wanting to use it.
However who knows if it might as well stop bots, i dont know how they function. But maybe they dont wait 5 seconds
 

panzerdude

Member
That sounds good :)
No the visual countdown was simply a request i had by a VL user ( for who i did this ), so i thought to include it for anyone wanting to use it.
However who knows if it might as well stop bots, i dont know how they function. But maybe they dont wait 5 seconds

Ok cool thanks
 

cajkan

Active Member
Was wondering, what if - visitor vote for 2 sites?

Example for :
Category: Aion
Category: WoW
 

Basti

Administrator
Staff member
what does that have to do with this? please keep this for the proxy discussion only
 

panzerdude

Member
Hi,

I've had some reports of members getting 403 errors, is there any way the plugin is doing that or edits to the htacess file would be causing those inadvertently.

Code:
RewriteEngine on
RewriteCond %{HTTP:VIA}                !^$ [OR]
RewriteCond %{HTTP:FORWARDED}          !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA}      !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR}    !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION}    !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION}  !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP}      !^$
RewriteRule ^(.*)$ - [F]
Thanks,
 

Basti

Administrator
Staff member
RewriteRule ^(.*)$ - [F]
Thats means if any rule above that match, forbid them access ( 403 )
Would bet hes using one of the few proxies where that htaccess code is working
 

ADKGamers

New Member
License Active
I was one of those individuals that was blocked with a 403 while accessing from my home network. Along with some others from around the country/world who I asked again if they were on a proxy and they said no. I don't use proxies and never will use them...just a pain in the ass for me.

It's working now, but there were a few days where I couldn't access the site here and there.
 

Basti

Administrator
Staff member
Well iam not to familar with that piece of htaccess, but a rule, dont know which is kicking in. You might better remove it until you actually have problems with proxies
 

ADKGamers

New Member
License Active
Yeah I'm not certain what he did, if he changed anything or not. I haven't gotten the issue at all in the past 2 days or so, so he might have removed it.
 

panzerdude

Member
I've removed the extra htaccess code now, I'll just still with the proxy prevention plugin from here on out. I don't know what was throwing out the server errors, I'll just have to keep an eye on things. Thanks
 

top50servers

Active Member
The jquery did not work for me, there was no timer displayed and the link never allowed me to vote.

If this needs updating could it please be done. I am having issues with proxy servers and need a way to control it.
 

Basti

Administrator
Staff member
Good catch top50! This is cos of the updated jquery and we forgot that change
If you open up gateway.html you see at top
Code:
    <script type="text/javascript" src="js/jquery-1.4.4.min.js"></script>
The version need to be 1.9.1 , so
Code:
    <script type="text/javascript" src="js/jquery-1.9.1.js"></script>
 

Basti

Administrator
Staff member
And you made the edit to the vote link also?

I just followed my steps again to make sure and it does work
 

top50servers

Active Member
Edit: FIXED!

I had to change the src= to my domain name.

Code:
 <script type="text/javascript" src="http://www.your-domain.com/js/jquery-1.9.1.js"></script>
 
Top