Anonymous User?

lucy2u · #1 (**permalink**) 06-12-09, 07:43

Is there a way to block anonymous users from accessing the site? I mean, how do block someone who is anonymous if they are using a different or hidden IP?

BodShane · #2 (**permalink**) 06-12-09, 14:18

Unfortunately, there is no such way you can block anonymous users from visiting your site. However, you can also setup Password protect directories which will only allow users with credentials to proceed further.

Regards,

Shane Phillips

surreality · #3 (**permalink**) 06-12-09, 16:30

Do you mean block people from accessing your website via proxy? Well, it's not perfect, but there is a way to do something like it. Just add the following to your .htaccess file (or create it if it doesn't exist):

Code:

RewriteEngine on
RewriteBase /
RewriteCond %{HTTP:VIA}                 !^$ [OR]
RewriteCond %{HTTP:FORWARDED}           !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA}       !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR}     !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION}    !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION}   !^$ [OR]
RewriteCond %{HTTP:XROXY_CONNECTION}    !^$ [OR]
RewriteCond %{HTTP:X-FORWARDED-FOR}     !^$ [OR]
RewriteCond %{HTTP:FORWARDED-FOR}       !^$ [OR]
RewriteCond %{HTTP:X-FORWARDED}         !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP}      !^$
RewriteRule ^(.*)$ - [F]

That should take care of most of them. ;)

madmax · #4 (**permalink**) 06-13-09, 16:28

Quote:

Originally Posted by surreality

Do you mean block people from accessing your website via proxy? Well, it's not perfect, but there is a way to do something like it. Just add the following to your .htaccess file (or create it if it doesn't exist):

Code:

RewriteEngine on
RewriteBase /
RewriteCond %{HTTP:VIA}                 !^$ [OR]
RewriteCond %{HTTP:FORWARDED}           !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA}       !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR}     !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION}    !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION}   !^$ [OR]
RewriteCond %{HTTP:XROXY_CONNECTION}    !^$ [OR]
RewriteCond %{HTTP:X-FORWARDED-FOR}     !^$ [OR]
RewriteCond %{HTTP:FORWARDED-FOR}       !^$ [OR]
RewriteCond %{HTTP:X-FORWARDED}         !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP}      !^$
RewriteRule ^(.*)$ - [F]

That should take care of most of them. ;)

But as I understand things, you can always change your proxy and then this wouldn't work to keep them out. I think I like the password plan better.

markrd · #5 (**permalink**) 06-14-09, 06:33

Quote:

Originally Posted by Shane Phillips

Unfortunately, there is no such way you can block anonymous users from visiting your site. However, you can also setup Password protect directories which will only allow users with credentials to proceed further.

Regards,

Shane Phillips

Hi Shane,

How exactly can I set up this password protection? I've been wondering the same thing here and figured there was no real way to block them.

lucy2u · #6 (**permalink**) 06-16-09, 10:37

Right, ok and thanks for the information. And yes, they can always change the proxy and come back with a different IP I guess.

surreality · #7 (**permalink**) 06-16-09, 10:53

Quote:

Originally Posted by madmax

But as I understand things, you can always change your proxy and then this wouldn't work to keep them out. I think I like the password plan better.

Actually, what that does is it detects whether a person is using a proxy connection and if they are then it blocks them. It's far from perfect, nothing is, but it does work very well to screen out most proxy users.