Results 1 to 12 of 12

Thread: Block proxies prior to donating.

  1. #1
    Join Date
    Dec 2011
    Posts
    266
    Mentioned
    16 Post(s)
    Quoted
    185 Post(s)

    Default Block proxies prior to donating.

    Ok, so I'm starting up a new forum, and I can foresee a problem with users donating to get rank, scamming other people, and then charging back their donation. I don't mind if users want to use proxies while logged in and browse the forum, but I want them to have to disable proxies prior to donating. The reason for this is because I will be able to fight a chargeback if I have their actual IP, but mainly it would simply deter anyone who is donating simply for the purpose of scamming.

    I realize that I would not be successful fighting every chargeback, especially thanks to Paypal's "the buyer is always right" policy, but the purpose of this is more to deter, rather than fight.

    This is a PHP board, MyBB to be specific, but it will have a dedicated HTML page used for donations. On this HTML page is where I would need the proxy detection/blocking. There are several MyBB plugins for proxy detection, but either they don't work at all stopping proxies, or they block way too many legit IPs.

    Does anyone have any experience with proxy detection? I know very little about javascript, or coding in general, so noob-friendly advice is appreciated. Thanks in advance.

  2. #2
    Join Date
    Jun 2012
    Posts
    4,867
    Mentioned
    74 Post(s)
    Quoted
    1663 Post(s)

    Default

    I do not have experience with this but I think there are probably useful resources for this online. I would suggest though that because of Paypal's 'buyer is always right' policy that you do not accept paypal and instead use a different online payment method that cannot be reclaimed by the buyer so easily.

  3. #3
    Join Date
    Dec 2011
    Posts
    266
    Mentioned
    16 Post(s)
    Quoted
    185 Post(s)

    Default

    Quote Originally Posted by BMWxi View Post
    I do not have experience with this but I think there are probably useful resources for this online. I would suggest though that because of Paypal's 'buyer is always right' policy that you do not accept paypal and instead use a different online payment method that cannot be reclaimed by the buyer so easily.
    I've found several places talking about/selling this, anywhere from $5 to $300, to $3000, the problem is they're mostly all sales pitches. I was really hoping someone here had some experience with this, either writing custom code, or previous experience with one of the services so as to save myself a bit of time and headache deciding which route to go.

    As for the paypal issue, it would be really easy to just not accept paypal, but that doesn't really address my issue. Also, I know for me personally, it's a huge turnoff when a website doesn't accept paypal.

  4. #4
    Join Date
    Mar 2013
    Posts
    1,010
    Mentioned
    35 Post(s)
    Quoted
    620 Post(s)

    Default

    Talk to Ironhide from powerbot. He can tell you how to win any charge back if you get the correct info.
    #slack4admin2016
    <slacky> I will build a wall
    <slacky> I will ban reflection and OGL hooking until we know what the hell is going on

  5. #5
    Join Date
    Jan 2012
    Posts
    1,596
    Mentioned
    78 Post(s)
    Quoted
    826 Post(s)

  6. #6
    Join Date
    Dec 2011
    Posts
    266
    Mentioned
    16 Post(s)
    Quoted
    185 Post(s)

    Default

    Quote Originally Posted by Harrier View Post
    Talk to Ironhide from powerbot. He can tell you how to win any charge back if you get the correct info.
    This isn't so much about winning the charge backs, it's about preventing my members from getting scammed. If people know up front that they won't be able to charge back, they will be much less likely to scam.

  7. #7
    Join Date
    Mar 2013
    Posts
    1,010
    Mentioned
    35 Post(s)
    Quoted
    620 Post(s)

    Default

    Quote Originally Posted by Gunner View Post
    This isn't so much about winning the charge backs, it's about preventing my members from getting scammed. If people know up front that they won't be able to charge back, they will be much less likely to scam.
    Well knowing their IP doesn't help. They can easily charge back still, and most likely win. Mainly because paypal doesn't care if you give them their IP. Also they can send the payment from a VPN and say their paypal was hacked.
    #slack4admin2016
    <slacky> I will build a wall
    <slacky> I will ban reflection and OGL hooking until we know what the hell is going on

  8. #8
    Join Date
    Oct 2012
    Posts
    1,258
    Mentioned
    40 Post(s)
    Quoted
    588 Post(s)

    Default

    my go to guy for info like this is currently busy irl and barely gets on skype these days :/ He'd know about the feasibility of proxy detection via software.

    You could make some sort of system where each person that's looking to donate has a manual ip check (e.g view their screen via programs such as teamviewer and check to make sure they aren't using any type of proxy to access your site).

    I'll pm ya a little bit more info =)

  9. #9
    Join Date
    Sep 2012
    Location
    Here.
    Posts
    2,007
    Mentioned
    88 Post(s)
    Quoted
    1014 Post(s)

    Default

    I recommend simply setting a 'Donor in transit' type of rank for the first month after a donation, and then solidifying it to 'Donor' after the chargeback period has gone from Paypal. Granted you can chargeback at any point in time I think, but it's a lot harder to fight a month later.

  10. #10
    Join Date
    Feb 2011
    Location
    The Future.
    Posts
    5,600
    Mentioned
    396 Post(s)
    Quoted
    1598 Post(s)

    Default

    Hack-forums has the best detection that I have ever seen.. Even TOR was detected at one point (don't know if it still is). They even detect some private VPNs.

    I'd ask there personally but.. it's a very malicious site so.. you take this advice at your own risk.

    Btw.. getting someone's IP won't help you if it's completely dynamic as it will change with a simple reset/unplug of the router.
    Last edited by Brandon; 10-23-2014 at 03:02 PM.
    I am Ggzz..
    Hackintosher

  11. #11
    Join Date
    Oct 2012
    Posts
    1,258
    Mentioned
    40 Post(s)
    Quoted
    588 Post(s)

    Default

    Quote Originally Posted by Kevin View Post
    I recommend simply setting a 'Donor in transit' type of rank for the first month after a donation, and then solidifying it to 'Donor' after the chargeback period has gone from Paypal. Granted you can chargeback at any point in time I think, but it's a lot harder to fight a month later.
    Unfortunately paypal not too long announced that they're soon changing their system, starting nov 18th of this year:


    So he'd have to give them that rank for like half a year? =p

    https://www.paypal.com/webapps/mpp/u...locale.x=en_US

  12. #12
    Join Date
    Nov 2014
    Posts
    104
    Mentioned
    12 Post(s)
    Quoted
    59 Post(s)

    Default

    Many proxies set the header X-Forwarded-For, so you can see if that header is set. Of course, anonymous proxies usually don't set a X-Forwarded-For header. The only way to block anonymous proxies or VPNs would be to obtain or create a blacklist file. Then you can make it so only people who aren't on that blacklist can access your donation page. This will not detect everyone, that isn't possible, but it is probably your best bet. Let me know if you need more details or some examples.

Thread Information

Users Browsing this Thread

There are currently 1 users browsing this thread. (0 members and 1 guests)

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •