Block Proxy Users?

[Buya]

Has anyone had experience blocking proxy users?

I would like to block open/public/private proxies from accessing my site. Our target audience is mostly teenagers and lately some of them have found it fun to try and reak havoc on us through proxies.

I figure I could d/l one of many proxy lists and add them one at a time to the ban list in cPanel but that would be tedious.

Can anyone tell me if having a huge ip ban list in cPanel would slow down my site? (would this caus a higher load time?)

Suggestions?

[Gwaihir]

and add them one at a time to the ban list in cPanel but that would be tedious.

Hmm.. and what does cPanel do with them, I wonder? Add them to you main .htaccess? If so, save yourself the tedious part and just add the whole list at once yourself.

[Gwaihir]

Just tested the above assumption and indeed they are written in your .htaccess file. I blocked two (pretty irrelevant) IPs to test and found this at the bottom of my .htaccess after that:

Code:

deny from 192.168.0.1
deny from 192.168.0.2

So, if you wish to block a long list, you'll manage a lot quicker by putting those lines down there yourself than by using the cPanel for it.

[gerilya]

Some not-so-anonymous proxies add HTTP request headers (for ex, via) making it possible to know 1) that the request is coming from a proxy server and 2) real IP address of a user.
I think you should be able to examine those headers via .htaccess file.
That's not a bullet proof solution, though.

Another idea to consider is having most sensitive parts of your site available for registered users only. You can require to provide geographical location (state, city, zip code) upon registration and then match it vs. geographical location of IP address before approving new users. Registered users are generally less likely to reak havoc

Having a huge ip ban list will definitely cause performance penalty.