xF2 Add-on Proxy Check 1.4.2

[ENXF NET]

ENXF NET submitted a new resource:

Proxy Check - Block Access to Proxy/VPN

Proxy Check is a Simple Addon which checks for Proxy or VPN Ips and disallow access to them in your forum.

Proxy Check is implemented in such a manner that as a guest users can access your site but when they login to your forum , they must login through their original internet without using Proxy or VPN.

Read more about this resource...

 

[qwers]

removed the plugin, but still won't allow it to enter the site ... What should I do?
Writes "You can't use proxy, VPN or data center IP here"

 

[Bicker]

i think this is a bad idea a lot of people have no choice and have to use a vpn or proxy in some countries

 

[xauUUL]

fixed issue.

 

[Soft4Win]

Addon is not working @ENXF NET

Its always keep giving error "Proxy, VPN or Data center IP are not allowed here"
even im not using anything such as vpn or etc.

How im going to disable this addon, i cant acces admin panel?

xauUULTry adding this in config.php, all addons will be disabled than you can uninstall that addon and than remove that line.

$config['enableListeners'] = false;

 

[xauUUL]

Try adding this in config.php, all addons will be disabled than you can uninstall that addon and than remove that line.

$config['enableListeners'] = false;

Soft4Winokay i used that code and uninstalled. but addon must be updated.

 

[Soft4Win]

okay i used that code and uninstalled. but addon must be updated.

xauUULI don't think this addon have any new updates to it.

 

[xauUUL]

solved

 

[BattleKing]

But addon is not working correct,

When i open vpn in enxf.net, its immeditely detecting that im using vpn, when i turn it off, its working without problem and i can access website again.

But when i open vpn in test site which is installed this addon, its detecting. when i turn it off, its still saying still im using vpn, and i cant even access website again, only way to fix is adding this code in config.php.

Am i doing something wrong or addon is not working correct?

That means, this addon is not working probably

xauUULShow us the configuration you have made for that addon. Where is your test site located and installed, is it something external or inside your network?

 

[BattleKing]

Show us the configuration you have made for that addon. Where is your test site located and installed, is it something external or inside your network?

BattleKingFor my understanding the first one missed possibly the IPv6 check, which is the reason that you got the message: "Proxy, VPN or Data center IP are not allowed here". To solve that please correct in Listener.php the following function with the shown content below:

    public static function proxy_exclude($ip) {
        $ip1 = gethostbyname($_SERVER["REMOTE_ADDR"]);
        $res = false;
        if($ip1 == '127.0.0.1' || $ip1 == '::1') $res = true;
        return $res;
    }

 

[BattleKing]

For my understanding the first one missed possibly the IPv6 check, which is the reason that you got the message: "Proxy, VPN or Data center IP are not allowed here". To solve that please correct in Listener.php the following function with the shown content below:

    public static function proxy_exclude($ip) {
        $ip1 = gethostbyname($_SERVER["REMOTE_ADDR"]);
        $res = false;
        if($ip1 == '127.0.0.1' || $ip1 == '::1') $res = true;
        return $res;
    }

BattleKingThen we can disable the check for admins and moderators, like that and to get the real IP if you are using cloudflare:

<?php 


namespace XFDev\ProxyCheck;

class Listener
{

    public static function proxyCheck(\XF\Entity\User &$visitor)
    {

        if($visitor->user_id != 0)
        {
            if (self::proxy_exclude($_SERVER["REMOTE_ADDR"]) == false ) {
                $ip = self::getUserIP();

                 $ch = curl_init();
                 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
                 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                 curl_setopt($ch, CURLOPT_URL, 'https://blackbox.ipinfo.app/lookup/'.$ip);
                 $result = curl_exec($ch);
                 curl_close($ch);

                if($result == 'Y' or $result == 'X'){
                    if( ($visitor->is_admin || $visitor->is_moderator) == false) {
                        //\XF::dump($visitor);
                        echo "Proxy, VPN or Data center IP ($ip) are not allowed here";
                        exit();
                    }
                }
            }

        }
    }

    public static function proxy_exclude($ip) {
        $ip1 = gethostbyname($_SERVER["REMOTE_ADDR"]);

        $res = false;
        if($ip1 == '127.0.0.1' || $ip1 == '::1') $res = true;

        
        return $res;
    }
    
    public static function getUserIP()
    {
        // Get real visitor IP behind CloudFlare network
        if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
                  $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
                  $_SERVER['HTTP_CLIENT_IP'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
        }
        $client  = @$_SERVER['HTTP_CLIENT_IP'];
        $forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
        $remote  = $_SERVER['REMOTE_ADDR'];

        if(filter_var($client, FILTER_VALIDATE_IP))
        {
            $ip = $client;
        }
        elseif(filter_var($forward, FILTER_VALIDATE_IP))
        {
            $ip = $forward;
        }
        else
        {
            $ip = $remote;
        }

        return $ip;
    }
}

 

[ENXF NET]

Then we can disable the check for admins and moderators, like that and to get the real IP if you are using cloudflare:

<?php 


namespace XFDev\ProxyCheck;

class Listener
{

    public static function proxyCheck(\XF\Entity\User &$visitor)
    {

        if($visitor->user_id != 0)
        {
            if (self::proxy_exclude($_SERVER["REMOTE_ADDR"]) == false ) {
                $ip = self::getUserIP();

                 $ch = curl_init();
                 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
                 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                 curl_setopt($ch, CURLOPT_URL, 'https://blackbox.ipinfo.app/lookup/'.$ip);
                 $result = curl_exec($ch);
                 curl_close($ch);

                if($result == 'Y' or $result == 'X'){
                    if( ($visitor->is_admin || $visitor->is_moderator) == false) {
                        //\XF::dump($visitor);
                        echo "Proxy, VPN or Data center IP ($ip) are not allowed here";
                        exit();
                    }
                }
            }

        }
    }

    public static function proxy_exclude($ip) {
        $ip1 = gethostbyname($_SERVER["REMOTE_ADDR"]);

        $res = false;
        if($ip1 == '127.0.0.1' || $ip1 == '::1') $res = true;

        
        return $res;
    }
    
    public static function getUserIP()
    {
        // Get real visitor IP behind CloudFlare network
        if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
                  $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
                  $_SERVER['HTTP_CLIENT_IP'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
        }
        $client  = @$_SERVER['HTTP_CLIENT_IP'];
        $forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
        $remote  = $_SERVER['REMOTE_ADDR'];

        if(filter_var($client, FILTER_VALIDATE_IP))
        {
            $ip = $client;
        }
        elseif(filter_var($forward, FILTER_VALIDATE_IP))
        {
            $ip = $forward;
        }
        else
        {
            $ip = $remote;
        }

        return $ip;
    }
}

BattleKingGreat, Everything is fine

 

[ilona]

try this code with some debug statements and check what is in REMOTE_ADDR:

<?php


namespace XFDev\ProxyCheck;

class Listener
{

    public static function proxyCheck(\XF\Entity\User &$visitor)
    {

        if($visitor->user_id != 0)
        {
            if (self::proxy_exclude($_SERVER["REMOTE_ADDR"]) == false ) {
                $ip = self::getUserIP();

                 $ch = curl_init();
                 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
                 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                 curl_setopt($ch, CURLOPT_URL, 'https://blackbox.ipinfo.app/lookup/'.$ip);
                 $result = curl_exec($ch);
                 curl_close($ch);

                if($result == 'Y' or $result == 'X'){
                    if( ($visitor->is_admin || $visitor->is_moderator) == false) {
                       
                        echo "Proxy, VPN or Data center IP ($ip) are not allowed here";
                        exit();
                    }
                }
            }

        }
    }

    public static function proxy_exclude($ip) {
        $ip1 = gethostbyname($_SERVER["REMOTE_ADDR"]);

        $res = false;
        if($ip1 == '127.0.0.1' || $ip1 == '::1') $res = true;

       
        return $res;
    }
   
    public static function getUserIP()
    {
        // Get real visitor IP behind CloudFlare network
        if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
                  $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
                  $_SERVER['HTTP_CLIENT_IP'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
        }
        $client  = @$_SERVER['HTTP_CLIENT_IP'];
        $forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
        $remote  = $_SERVER['REMOTE_ADDR'];
        \XF::dump($_SERVER);
        if(filter_var($client, FILTER_VALIDATE_IP))
        {
            $ip = $client;
        }
        elseif(filter_var($forward, FILTER_VALIDATE_IP))
        {
            $ip = $forward;
        }
        else
        {
            $ip = $remote;
        }

        return $ip;
    }
}

BattleKingi have to change "127.0.0.1" for my server IP or?

 

[BattleKing]

i have to change "127.0.0.1" for my server IP or?

ilonaNo, check if the IP might be black listed which you get back from the debug statement

 

[jim]

My site is protected by Cloudflare when I installed this now it shows this

Maybe if i pause Cloudflare it'll work?



I don't recommend this addon if you are using Cloudflare

​

 

[BattleKing]

My site is protected by Cloudflare when I installed this now it shows this
View attachment 25750
Maybe if i pause Cloudflare it'll work?



I don't recommend this addon if you are using Cloudflare

​

jimIt works as well with cloudflare, see my comment in this post: https://enxf.net/threads/proxy-check.3954/post-30367

 

[jim]

It works as well with cloudflare, see my comment in this post: https://enxf.net/threads/proxy-check.3954/post-30367

BattleKingI'll try again thx.

 

[Soul02]

Thanks @BattleKing

 

[Cwadel]

hi

how to authorize by group?

$visitor->is member of(group) ?

thanks for reply

 

[BattleKing]

hi

how to authorize by group?

$visitor->is member of(group) ?

thanks for reply

Cwadel$xf.visitor.isMemberOf(GROUPID)

 

[Cwadel]

$xf.visitor.isMemberOf(GROUPID)

BattleKingafter testing it doesn't work it gives me an error
HTTP ERROR 500

 

[Cwadel]

$xf.visitor.isMemberOf(GROUPID)

BattleKingsolve edit like this

 if( ($visitor->is_admin || $visitor->is_moderator ||   $visitor->isMemberOf(7)) == false)