Ask a Jedi: Using ColdFusion to detect a Proxy Server

This week I had a nice (email) conversation with Dave Dugdale. His question was:

I would like to detect if someone is using a proxy server when visiting my site. I found a script in PHP but I couldn't find one written in ColdFusion on Google or your site. Have you ever done one of these?

I certainly had not heard of such a beast, but I asked to see his PHP code. I mean, let’s be real, anything written in PHP should be easier in ColdFusion, right? Dave sent along the PHP code. I’m not sure if this is “good” code or not, but here it is:

<?php
if ( $_SERVER['HTTP_X_FORWARDED_FOR']
  || $_SERVER['HTTP_X_FORWARDED']
  || $_SERVER['HTTP_FORWARDED_FOR']
  || $_SERVER['HTTP_CLIENT_IP']
  || $_SERVER['HTTP_VIA']
  || in_array($_SERVER['REMOTE_PORT'], array(8080,80,6588,8000,3128,553,554))
  || @fsockopen($_SERVER['REMOTE_ADDR'], 80, $errno, $errstr, 30) )
{
    exit('Proxy detected');
}
else
    // print the IP address on screen
    //echo ( getenv('REMOTE_ADDR') . ' Welcome 1' );
    //echo ( $_SERVER['REMOTE_ADDR'] . ' Welcome 2' );
    //echo ( @$REMOTE_ADDR . ' Welcome 3' );
    //echo ( getenv('REMOTE_ADDR') . ' Welcome 4' );
    echo ( ' Welcome 5' );

// start code

// if getenv results in something, proxy detected

?>

I looked this over. The first thing I told him was that $_SERVER was most likely just a pointer to ColdFusion’s CGI scope. Any place he saw that he could just switch it with CGI. For example:

<cfif cgi.http_x_forwarded_for neq "">

You could then simply add the 4 other CGI variables to the CFIF.

The in_array call looks to be a simple “Does this value exist in the array” check. For that I suggested just using listFindNoCase.

<cfif listFindNoCase("8080,80,etc",cgi.remote_port)>

All together, I wrote this up as:

<cfif cgi.http_x_forwarded_for neq ""
   or cgi.http_x_forwarded neq ""
   or cgi.http_forwarded_for neq ""
   or cgi.http_client_ip neq ""
   or cgi.http_via neq ""
   or listFind("8080,80,6588,8000,3128,553,554", cgi.remote_port)>
    Proxy!
</cfif>

This seems to work well. But the last clause makes no sense to me or Dave:

@fsockopen($_SERVER['REMOTE_ADDR'], 80, $errno, $errstr, 30)

I’d guess fsockopen is analogous to CFHTTP, but as to what it is checking here, I have no idea. Anyone want to help complete the puzzle?
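An added example, not code from the original post or from Dave's script: a ColdFusion function that collects the same signals as the PHP script and reports which ones fired. PHP's fsockopen opens a TCP connection to the given host and port, so the last clause is true when the visitor's address accepts a connection on port 80; the optional connect-back step reproduces that with java.net.Socket. The function name proxyIndicators, its arguments and the 2-second timeout are assumptions.

```cfml
<cfscript>
// Added example. proxyIndicators and its arguments are hypothetical names.
// Returns an array naming every indicator that fired; empty means none.
function proxyIndicators(boolean connectBack = false, numeric timeoutMs = 2000) {
    var hits = [];
    // Headers a forwarding proxy commonly adds. The CGI scope returns ""
    // for a header that was not sent, so no existence check is needed.
    var headers = {
        "http_x_forwarded_for" = cgi.http_x_forwarded_for,
        "http_x_forwarded"     = cgi.http_x_forwarded,
        "http_forwarded_for"   = cgi.http_forwarded_for,
        "http_client_ip"       = cgi.http_client_ip,
        "http_via"             = cgi.http_via
    };
    for (var name in headers) {
        if (len(trim(headers[name]))) {
            arrayAppend(hits, lCase(name));
        }
    }
    // Same port list as the PHP script. Note that remote_port is the source
    // port of the incoming connection, not a port the visitor listens on.
    if (listFind("8080,80,6588,8000,3128,553,554", cgi.remote_port)) {
        arrayAppend(hits, "remote_port");
    }
    // Equivalent of @fsockopen(REMOTE_ADDR, 80, ...): try to open a TCP
    // connection back to the visitor's address on port 80.
    if (arguments.connectBack) {
        var socket = createObject("java", "java.net.Socket").init();
        try {
            var addr = createObject("java", "java.net.InetSocketAddress")
                .init(cgi.remote_addr, javaCast("int", 80));
            socket.connect(addr, javaCast("int", arguments.timeoutMs));
            arrayAppend(hits, "port_80_open");
        } catch (any e) {
            // Refused, filtered or timed out: not counted as an indicator.
        } finally {
            socket.close();
        }
    }
    return hits;
}

indicators = proxyIndicators(connectBack = true);
if (arrayLen(indicators)) {
    writeOutput("Proxy indicators: " & arrayToList(indicators));
} else {
    writeOutput("Welcome");
}
</cfscript>
```

Every header checked here is supplied by the client or an intermediary and can be omitted or forged, so an empty result does not prove a direct connection. The connect-back step can delay the response by up to the timeout on each request.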

About Raymond Camden

Raymond is a developer advocate. He focuses on JavaScript, serverless and enterprise cat demos. If you like this article, please consider visiting my Amazon Wishlist or donating via PayPal to show your support.

Lafayette, LA https://www.raymondcamden.com
