Trying to block proxy access

Topics: Developer Forum, User Forum
Jan 24, 2012 at 3:49 AM
Edited Jan 24, 2012 at 3:50 AM

Hi!

I'm trying to set up IIRF on a Windows Server 2003 with IIS 6 to block all incoming connections that come through proxy servers.

I've successfully installed the latest version of IIRF, the status report looks OK:

IIRF Status Report
IIRF Global Status
IIRF Version Ionic ISAPI Rewriting Filter (IIRF) 2.1.2.3 x86 RELEASE
Built on Nov 11 2011 07:39:27
Filter DLL C:\Program Files\Ionic Shade\IIRF 2.1\IIRF.dll 
PCRE Version 8.02 2010-03-19
IIRF User NT AUTHORITY\NETWORK SERVICE
Security Groups \Everyone
S297052\IIS_WPG
S297052\SQLServer2005MSSQLServerADHelperUser$S65495
S297052\SQLServer2005ReportingServicesWebServiceUser$S65495$MSSQLSERVER
S297052\SQLServer2005ReportServerUser$S65495$MSSQLSERVER
BUILTIN\Performance Log Users
BUILTIN\Users
NT AUTHORITY\SERVICE
NT AUTHORITY\Authenticated Users
NT AUTHORITY\This Organization
\LOCAL
BUILTIN\Users
IIRF Started 2012/01/24 01:33:43 GMT Standard Time
Current time 2012/01/24 04:21:23 GMT Standard Time
Server Ini file C:\Program Files\Ionic Shade\IIRF 2.1\IirfGlobal.ini 
Last Update of Ini 2011/01/03 13:28:58 GMT Standard Time 
  #Lines 66
  #Warnings 0
Rewrite Engine (all vdirs) ON

IIRF Vdir Status
APPL_MD_PATH /LM/W3SVC/58370293/Root
Root Vdir Ini File D:\inetpub\MySite\Iirf.ini
Ini file timestamp 2012/01/24 04:17:52 GMT Standard Time
Last Read 2012/01/24 04:17:55 GMT Standard Time
#Ini Modules 1
#Lines 23
#Rules 1
#Warnings 0
#Errors 0
Log file  c:\temp\iirf1.4256.log
Log level 1
Rewrite Engine ON
Rewrite Base '--'
Remote Status Inquiry disabled
Cond substring flag *
Case conversion flag #
URL Decoding ON
Iteration Limit 5
Proxy Timeouts (sec.) Resolve=30 Connect=30 Send=30 Receive=30
#Requests Processed 692

I'm using the following code in my Iirf.ini (located in the root folder of the site, where all the pages are):

RewriteLogLevel 1
RewriteLog c:\temp\iirf1
RewriteEngine ON
StatusInquiry ON
IterationLimit 5

RewriteCond %{HTTP:VIA}                 !^$ [OR]
RewriteCond %{HTTP:FORWARDED}           !^$ [OR]
RewriteCond %{HTTP:USERAGENT_VIA}       !^$ [OR]
RewriteCond %{HTTP:X_FORWARDED_FOR}     !^$ [OR]
RewriteCond %{HTTP:PROXY_CONNECTION}    !^$ [OR]
RewriteCond %{HTTP:XPROXY_CONNECTION}   !^$ [OR]
RewriteCond %{HTTP:HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP:HTTP_CLIENT_IP}      !^$
RewriteRule ^(.*)$ - [F]

I found this recommended for htaccess files here:
http://perishablepress.com/press/2008/04/20/how-to-block-proxy-servers-via-htaccess/

I've also tried a different syntax (replacing the colons with underscores), as suggested in another topic:

RewriteCond %{HTTP_VIA}                 !^$ [OR]
RewriteCond %{HTTP_FORWARDED}           !^$ [OR]
RewriteCond %{HTTP_USERAGENT_VIA}       !^$ [OR]
RewriteCond %{HTTP_X_FORWARDED_FOR}     !^$ [OR]
RewriteCond %{HTTP_PROXY_CONNECTION}    !^$ [OR]
RewriteCond %{HTTP_XPROXY_CONNECTION}   !^$ [OR]
RewriteCond %{HTTP_HTTP_PC_REMOTE_ADDR} !^$ [OR]
RewriteCond %{HTTP_HTTP_CLIENT_IP}      !^$
RewriteRule ^(.*)$ - [F]

The code doesn't seem to work either way. I can still access the pages in the root folder via various online proxies (e.g. anonymouse.org, proxify.com).

Here is an excerpt of the log file (created with level 2 setting):

Tue Jan 24 04:09:54 -  4368 - -------------------------------------------------------
Tue Jan 24 04:09:54 -  4368 - Ionic ISAPI Rewriting Filter (IIRF) 2.1.2.3 x86 RELEASE
Tue Jan 24 04:09:54 -  4368 - IIRF was built on: Nov 11 2011 07:39:27
Tue Jan 24 04:09:54 -  4368 - GetLogFile: app:'/LM/W3SVC/58370293/Root'  new log:'c:\temp\iirf2.4256.log'
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: actual log file 'c:\temp\iirf2.4256.log'
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: ini file: 'D:\inetpub\MySite\Iirf.ini'
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: ini file timestamp: 2012/01/24 04:09:52 GMT Standard Time
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: cfg(0x20526348)
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: LogLevel = 2
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: D:\inetpub\MySite\Iirf.ini(8): RewriteEngine will be enabled.
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: D:\inetpub\MySite\Iirf.ini(9): StatusInquiry ON (--) (--)
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: D:\inetpub\MySite\Iirf.ini(9): IIRF Status Inquiry is enabled at path '/iirfStatus' for local requests only.
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: D:\inetpub\MySite\Iirf.ini(10): IterationLimit 5
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: D:\inetpub\MySite\Iirf.ini(12): RewriteCond   %{HTTP:VIA}  !^$ '[OR]'
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: D:\inetpub\MySite\Iirf.ini(13): RewriteCond   %{HTTP:FORWARDED}  !^$ '[OR]'
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: D:\inetpub\MySite\Iirf.ini(14): RewriteCond   %{HTTP:USERAGENT_VIA}  !^$ '[OR]'
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: D:\inetpub\MySite\Iirf.ini(15): RewriteCond   %{HTTP:X_FORWARDED_FOR}  !^$ '[OR]'
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: D:\inetpub\MySite\Iirf.ini(16): RewriteCond   %{HTTP:PROXY_CONNECTION}  !^$ '[OR]'
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: D:\inetpub\MySite\Iirf.ini(17): RewriteCond   %{HTTP:XPROXY_CONNECTION}  !^$ '[OR]'
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: D:\inetpub\MySite\Iirf.ini(18): RewriteCond   %{HTTP:HTTP_PC_REMOTE_ADDR}  !^$ '[OR]'
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: D:\inetpub\MySite\Iirf.ini(19): RewriteCond   %{HTTP:HTTP_CLIENT_IP}  !^$ '(null)'
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: D:\inetpub\MySite\Iirf.ini(20): RewriteRule (rule 1)  '^(.*)$'  '-'      [F]
Tue Jan 24 04:09:54 -  4368 - ReadVdirConfig: Done reading INI for the root vdir, found 1 rules (0 errors, 0 warnings) on 23 lines, in 1 modules

Tue Jan 24 04:17:39 -  4380 - DoRewrites: Url (decoded): '/about.aspx'
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - GetServerVariable: cannot find that variable
Tue Jan 24 04:17:39 -  4380 - DoRewrites: No Rewrite

Am I missing something or using bad code? Please help. Thanks!

(Sorry for the long post, I wanted to provide all the necessary details.)