xF2 Add-on Proxy Check 1.4.1

[xauUUL]

fixed issue.

 

[Soft4Win]

Addon is not working @ENXF NET

Its always keep giving error "Proxy, VPN or Data center IP are not allowed here"
even im not using anything such as vpn or etc.

How im going to disable this addon, i cant acces admin panel?

xauUULTry adding this in config.php, all addons will be disabled than you can uninstall that addon and than remove that line.

$config['enableListeners'] = false;

 

[ilona]

Then we can disable the check for admins and moderators, like that and to get the real IP if you are using cloudflare:

<?php 


namespace XFDev\ProxyCheck;

class Listener
{

    public static function proxyCheck(\XF\Entity\User &$visitor)
    {

        if($visitor->user_id != 0)
        {
            if (self::proxy_exclude($_SERVER["REMOTE_ADDR"]) == false ) {
                $ip = self::getUserIP();

                 $ch = curl_init();
                 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
                 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                 curl_setopt($ch, CURLOPT_URL, 'https://blackbox.ipinfo.app/lookup/'.$ip);
                 $result = curl_exec($ch);
                 curl_close($ch);

                if($result == 'Y' or $result == 'X'){
                    if( ($visitor->is_admin || $visitor->is_moderator) == false) {
                        //\XF::dump($visitor);
                        echo "Proxy, VPN or Data center IP ($ip) are not allowed here";
                        exit();
                    }
                }
            }

        }
    }

    public static function proxy_exclude($ip) {
        $ip1 = gethostbyname($_SERVER["REMOTE_ADDR"]);

        $res = false;
        if($ip1 == '127.0.0.1' || $ip1 == '::1') $res = true;

        
        return $res;
    }
    
    public static function getUserIP()
    {
        // Get real visitor IP behind CloudFlare network
        if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
                  $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
                  $_SERVER['HTTP_CLIENT_IP'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
        }
        $client  = @$_SERVER['HTTP_CLIENT_IP'];
        $forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
        $remote  = $_SERVER['REMOTE_ADDR'];

        if(filter_var($client, FILTER_VALIDATE_IP))
        {
            $ip = $client;
        }
        elseif(filter_var($forward, FILTER_VALIDATE_IP))
        {
            $ip = $forward;
        }
        else
        {
            $ip = $remote;
        }

        return $ip;
    }
}

BattleKingI have the same problem i see msg after installing addon
"Proxy, VPN or Data center IP are not allowed here"

what should i do?

 

[BattleKing]

I have the same problem i see msg after installing addon
"Proxy, VPN or Data center IP are not allowed here"

what should i do?

ilonaHow are you connected?

 

[ilona]

How are you connected?

BattleKingwith real IP, i use cloudflare for my website,
i added this config in Listener.php and the same info about vpn (other users has the same error

 

[BattleKing]

with real IP, i use cloudflare for my website,
i added this config in Listener.php and the same info about vpn (other users has the same error

ilonadid you also insert that code https://enxf.net/threads/proxy-check.3954/post-30367

 

[ilona]

did you also insert that code https://enxf.net/threads/proxy-check.3954/post-30367

BattleKingYes and still the same issue
Whats wrong???

 

[BattleKing]

Yes and still the same issue
Whats wrong???

ilonaMaybe cloudflare changed something

 

[BattleKing]

Maybe cloudflare changed something

BattleKingtry this code with some debug statements and check what is in REMOTE_ADDR:

<?php


namespace XFDev\ProxyCheck;

class Listener
{

    public static function proxyCheck(\XF\Entity\User &$visitor)
    {

        if($visitor->user_id != 0)
        {
            if (self::proxy_exclude($_SERVER["REMOTE_ADDR"]) == false ) {
                $ip = self::getUserIP();

                 $ch = curl_init();
                 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
                 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                 curl_setopt($ch, CURLOPT_URL, 'https://blackbox.ipinfo.app/lookup/'.$ip);
                 $result = curl_exec($ch);
                 curl_close($ch);

                if($result == 'Y' or $result == 'X'){
                    if( ($visitor->is_admin || $visitor->is_moderator) == false) {
                       
                        echo "Proxy, VPN or Data center IP ($ip) are not allowed here";
                        exit();
                    }
                }
            }

        }
    }

    public static function proxy_exclude($ip) {
        $ip1 = gethostbyname($_SERVER["REMOTE_ADDR"]);

        $res = false;
        if($ip1 == '127.0.0.1' || $ip1 == '::1') $res = true;

       
        return $res;
    }
   
    public static function getUserIP()
    {
        // Get real visitor IP behind CloudFlare network
        if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
                  $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
                  $_SERVER['HTTP_CLIENT_IP'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
        }
        $client  = @$_SERVER['HTTP_CLIENT_IP'];
        $forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
        $remote  = $_SERVER['REMOTE_ADDR'];
        \XF::dump($_SERVER);
        if(filter_var($client, FILTER_VALIDATE_IP))
        {
            $ip = $client;
        }
        elseif(filter_var($forward, FILTER_VALIDATE_IP))
        {
            $ip = $forward;
        }
        else
        {
            $ip = $remote;
        }

        return $ip;
    }
}

 

[ilona]

try this code with some debug statements and check what is in REMOTE_ADDR:

<?php


namespace XFDev\ProxyCheck;

class Listener
{

    public static function proxyCheck(\XF\Entity\User &$visitor)
    {

        if($visitor->user_id != 0)
        {
            if (self::proxy_exclude($_SERVER["REMOTE_ADDR"]) == false ) {
                $ip = self::getUserIP();

                 $ch = curl_init();
                 curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, false);
                 curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
                 curl_setopt($ch, CURLOPT_URL, 'https://blackbox.ipinfo.app/lookup/'.$ip);
                 $result = curl_exec($ch);
                 curl_close($ch);

                if($result == 'Y' or $result == 'X'){
                    if( ($visitor->is_admin || $visitor->is_moderator) == false) {
                       
                        echo "Proxy, VPN or Data center IP ($ip) are not allowed here";
                        exit();
                    }
                }
            }

        }
    }

    public static function proxy_exclude($ip) {
        $ip1 = gethostbyname($_SERVER["REMOTE_ADDR"]);

        $res = false;
        if($ip1 == '127.0.0.1' || $ip1 == '::1') $res = true;

       
        return $res;
    }
   
    public static function getUserIP()
    {
        // Get real visitor IP behind CloudFlare network
        if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
                  $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
                  $_SERVER['HTTP_CLIENT_IP'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
        }
        $client  = @$_SERVER['HTTP_CLIENT_IP'];
        $forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
        $remote  = $_SERVER['REMOTE_ADDR'];
        \XF::dump($_SERVER);
        if(filter_var($client, FILTER_VALIDATE_IP))
        {
            $ip = $client;
        }
        elseif(filter_var($forward, FILTER_VALIDATE_IP))
        {
            $ip = $forward;
        }
        else
        {
            $ip = $remote;
        }

        return $ip;
    }
}

BattleKingi have to change "127.0.0.1" for my server IP or?

 

[BattleKing]

i have to change "127.0.0.1" for my server IP or?

ilonaNo, check if the IP might be black listed which you get back from the debug statement

 

[mimiv]

@BattleKing @ENXF NET any idea how can we exclude an ip from being blocked by this plugin

 

[Cwadel]

Can we personalize the blocking page with a personal formatting?

Edit
Ok i found the way, solved 😀

 

[mimiv]

Can we personalize the blocking page with a personal formatting?

Edit
Ok i found the way, solved 😀

Cwadeli still have not find a way can you share it with us please you would help me and others

 

[Cwadel]

For those who want a styled home page for the proxy. proceed as follows :

Create a page on your server that you will call like proxypage.php ! note proxy.php ,because it already exists !

add the following code to this page (the css code can be simplified,didn't have time for that) :

<!DOCTYPE html>
<html lang="en">
<head>
    <title>SECURITY</title>
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <meta charset="utf-8">
    <META NAME="ROBOTS" CONTENT="NOINDEX, NOFOLLOW">
      <link href="https://cdn.jsdelivr.net/npm/[email protected]/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-Zenh87qX5JnK2Jl0vWa8Ck2rdkQ2Bzep5IDxbcnCeuOxjzrPF/et3URy9Bv1WTRi" crossorigin="anonymous"><link rel="stylesheet" href="https://use.fontawesome.com/releases/v6.2.0/css/all.css">
<style>
.scroll-btn {
    height: 40px;
    width: 40px;
    border: 2px solid #000;
    border-radius: 10%;
    background-color: #000;
    position: fixed;
    bottom: 25px;
    right: 20px;
    opacity: 0.8;
    z-index: 9999;
    cursor: pointer;
    display: none;
}

.scroll-btn .scroll-btn-arrow {
    height: 12px;
    width: 12px;
    border: 3px solid;
    border-right: none;
    border-top: none;
    margin: 15px 12px;
    -webkit-transform: rotate(135deg);
    -moz-transform: rotate(135deg);
    -ms-transform: rotate(135deg);
    -o-transform: rotate(135deg);
    transform: rotate(135deg);
    color: white;
}

.notouch .scroll-btn:hover { opacity: 0.8 }

@media only screen and (max-width: 700px), only screen and (max-device-width: 700px) {
    .scroll-btn {
        bottom: 8px;
        right: 8px;
    }
}

a:link {
      text-decoration: none;
    }

a:visited {
    text-decoration: none;
}

.pm_enabled {
    color: #47A447;
}

.pm_disabledblue {
    color: #007bff;
}

.pm_disabled {
    color: #d2322d;
}

.width100 {
    width: 100%;
}

.font13 {
    font-size: 13px;
}

.font14 {
    font-size: 14px;
}

.font20 {
    font-size: 20px;
}

.font35 {
    font-size: 35px;
}

.height_auto {
    height: auto;
}

.margin_auto {
    height: auto;
}

.marg_bottom {
    margin-bottom: 0;
}

.map_div {
    width: 99%;
    height: 450px;
}

.wpage_head {
    background-color: #d9534f;
    color: white;
}
</style>
</head>
 
  <body>
    <br /><div class="container col-lg-8 card bg-light">
        <br />
        <div class="row d-flex justify-content-center">
            <center>
                <div class="alert alert-danger" class="wpage_head">
                    <h5 class="alert-heading">Access to the website via Proxy, VPN, TOR is not allowed</h5>
                </div><br />
           
                    <p class="font20"><i class="fas fa-globe fa-4x"></i></p>
                <h6>Please contact the webmaster <?php echo "with Your IP ($ip) ";?> of the website if you think something is wrong.</h6>
           
                <br />
              <p><a href="mailto:your mail>" class="btn btn-primary col-12" target="_blank"><i class="fas fa-envelope"></i> Contact</a></p>
           
            </center>
        </div>
   
  <br /></div>
      <footer>
        <div class="mt-auto d-flex justify-content-center">
          <div class="col-lg-8">
            <br />
            <center><p>Protected by<strong><a href="Your Website" target="_blank">"your copright"</a></strong></p></center>
          </div>
        </div>
      </footer>
  </body>
</html>

after this open Listener.php in scr/addon/Xfdev/proxycheck/


Replace or comment

echo "Proxy, VPN or Data center IP ($ip) are not allowed here
                        if this is a bug and it's just a regular home provider then write to "" with specify ip ($ip).
                        will try to fix it.
                        we apologize for any inconvenience caused.";

by this

 include_once "proxypage.php";

after you should see a page like this if you use a proxy/vpn.

tell me if it works for you

take a look here :

Build fast, responsive sites with Bootstrap​

edit: add <?php echo "with Your IP ($ip) ";?> on landing page​

 

[Zer01ne]

@BattleKing how to whitelist specific IPs??

 

[BattleKing]

@BattleKing how to whitelist specific IPs??

Zer01neI could add an option to do that.

 

[ENXF NET]

ENXF NET updated Proxy Check with a new update entry:

Enhancements

View attachment 36600

Add IP whitelist option {ip}
Add contact email option {contact}
Add copyright option {copyright}
Add link option {link}

The words inside the {} can be used inside the new created phrase

View attachment 36601

Result looks like (thx @Cwadel):

View attachment 36602

Read the rest of this update entry...

 

[Zer01ne]

ENXF NET updated Proxy Check with a new update entry:

Enhancements



Read the rest of this update entry...

ENXF NETThanks a lot, it working as I expected!
I deeply admire your skills and efforts.

 

[ilona]

Not working with cf :/

 

[BattleKing]

Not working with cf :/

ilonadid you checked it right now?

 

[ilona]

did you checked it right now?

BattleKingU checked long time ago with me….

 

[BattleKing]

U checked long time ago with me….

ilonaok, but this has another fix inside which was requested by some users.

The cloudflare stuff should work too, but I guess it depends on the settings.

 

[Ave12]

ok, but this has another fix inside which was requested by some users.

The cloudflare stuff should work too, but I guess it depends on the settings.

BattleKingDoes not work, access to the site is also available when using any vpn

 

[BattleKing]

Does not work, access to the site is also available when using any vpn

Ave12It depends which VPN, some will not be recognized, but if you are admin or a moderator they are not affected and bypass the check.