PHP Code to Check if Someone is Coming from a Open Proxy.

June 11, 2008

As some of you know I’ve been moving to building my own offers and some other things on the advertisers side I’ll sharing later. In this quest I’ve found the most challenging thing is to flush out the fraud from the legitimate users. Everyone thinks being an advertiser is the way to go right? Affiliates send traffic and you pay them 5$ and you make 7-10$. Well if only it was that easy. Honestly being the advertiser or network would be the greatest thing since sliced bread if there wasn’t so much affiliate fraud. Now I’m not talking about Blackhat tactics or spam traffic generation stuff. I’m talking straight fraud such as stolen credit cards and lead stuffing. There’s large organized rings of fraudsters primarily in China, India, Phillipines, Vietnam, Russia, Turkey and a few other countries. So if any of my readers on from those countries and get denied for networks and offers a lot that’s why.

Why you should care

Fortunately most of the fraudsters aren’t that sophisticated from what I’ve seen, so there’s a lot of ways to flush them out of the bushes and cut your losses before they start. There’s very good reason to catch them “Before” they start. As an advertiser the last thing you want is a large number of charge backs or stolen credit cards running through your system. If enough of this happens you can be blacklisted for any merchant account. Therefore the prevention of these transactions going through is a good place to begin.

One of the hard parts about owning a network or running an offer is the careful balancing act between what you let through and what you block. You could lock down your affiliate approval or purchase system tighter then a drum and approve hardly anyone. Or you could let everyone through but these are extremes of the spectrum of course. So the goal is to build little checks in to weed out most of the fraud before it starts. One thing I’ve chosen is anyone signing up with a proxy is going to get denied. If you can’t signup with your real IP I don’t want to do business with you. Maybe I’m going to knock out some sales and some affiliates this way but it’s worth it so I don’t have to deal with as much fraud.

Now there’s no way you can block all proxies, I know this but you can weed out the simple ones by checking the regular open proxy ports which are 80, 8080, and 3128. I’ve written a little function that you pass the IP address to and return 0 or 1 based on whether those ports are open on the IP. So that when an affiliate applies or a sale goes through I check if the IP ( address of the computer) is coming from computer that has those ports open. 99.9 out of a 100 home users aren’t going to have any of those ports open.

Just take this code and stick it in your sign up form or registration form and decide how you want to deal with these orders or sign ups. You may want to just throw them into a queue to be manually checked. Or build a rating system based on points. How you handle things is up to you.

PHP Proxy Port Checking Code:

function ipProxyPortCheck($ip){
//timeout you want to use to test
$timeout = 5;
// ports we're going to check
$ports = array(80,3128,8080);
// flag to be returned 0 means safe, 1 means open and unsafe
$flag = 0;
// loop through each of the ports we're checking
foreach($ports as $port){
// this is the code that does the actual checking for the port
@$fp = fsockopen($ip,$port,$errno,$errstr,$timeout);
// test if something was returned, ie the port is open
if(!empty($fp)){
// we know the set the flag
$flag = 1;
// close our connection to the IP
fclose($fp);
}
}
// send our flag back to the calling code
return $flag;
}
// call our function and check the IP in there
echo ipProxyPortCheck('69.217.73.52');
?>

Hope this saves some advertisers and affiliate networks some time and money.

newsletter

Want More? The more people listening the more I’ll write.
Subscribe to get business insights in your inbox
Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.