-
Notifications
You must be signed in to change notification settings - Fork 9
/
README
103 lines (93 loc) · 5.66 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
Proxy/VPN Detection Hook for WHMCS by KuJoe (JMD.cc)
1.1 - Fixed bug that caused duplicate lookups to MaxMind.
1.2 - Fixed bug that caused client account to be registered even if order was blocked.
Replaced redirect with error message on the shopping cart.
Removed template files.
1.3 - Fixed version number typo.
Better formatting and comments for non-code savvy users.
Updated instructions.
1.4 - Added database table to conserve MaxMind queries and for reviewing scores.
Created a WHMCS report for the last 50 proxy check scores.
1.5 - Fixed script to only write to the database once per IP address.
Script generates e-mail alerts when the MaxMind lookup returns something other than a numeric score.
Added database field that allows ignoring IPs that fail VPN checks.
1.6 - Fixed the ignore IP option.
Fixed e-mail alerts.
IPs can be ignored/unignored in the Last 50 Proxy Checks report.
1.7 - Limited Last 50 Proxy Checks report to 50. (Doh!)
1.8 - Added 2nd hook and report for GetIPIntel.net (free Maxmind alternative)
1.9 - Updated hook for GetIPIntel.net to meet future requirement (contact info required to help the developer troubleshoot issues)
//Requirements:
You need to purchase Proxy Detection queries from MaxMind for the Maxmind hook (the free minFraud queries will NOT work). http://www.maxmind.com/en/proxy
//Installation:
1) Set $license_key in chkProxy_maxmind.php file if you wish to use Maxmind's database to check IPs.
2) Set $email in both chkProxy files.
3) Upload the chkProxy files into your WHMCS's hooks directory (/includes/hooks/).
4) Upload the last_50_proxy_checks files into your WHMCS's reports directory (/modules/reports/).
5) Run these query to create the database tables (run this command in phpMyAdmin, Adminer, SQLBuddy, command line, or your MySQL editor of choice):
-- START QUERY
CREATE TABLE IF NOT EXISTS `mod_chkproxy_mm` (
`chkid` int(11) NOT NULL AUTO_INCREMENT,
`ipaddr` varchar(40) NOT NULL,
`proxyscore` varchar(4) NOT NULL,
`ignore` int(1) NOT NULL DEFAULT '0',
`dt` TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`chkid`)
);
CREATE TABLE IF NOT EXISTS `mod_chkproxy_gii` (
`chkid` int(11) NOT NULL AUTO_INCREMENT,
`ipaddr` varchar(40) NOT NULL,
`proxyscore` varchar(4) NOT NULL,
`ignore` int(1) NOT NULL DEFAULT '0',
`dt` TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`chkid`)
);
-- END QUERY
//Upgrading:
Upgrading from version 1.4 and older
1) Run the following MySQL query:
-- START QUERY
DELETE n1 FROM mod_chkproxy n1, mod_chkproxy n2 WHERE n1.chkid < n2.chkid AND n1.ipaddr = n2.ipaddr;
-- END QUERY
Upgrading from version 1.7 and older
1) Delete /includes/hooks/chkproxy.php from WHMCS.
2) Delete /modules/reports/last_50_proxy_checks.php from WHMCS.
3) Run the following MySQL query:
-- START QUERY
RENAME TABLE mod_chkproxy TO mod_chkproxy_mm;
-- END QUERY
4) Set $license_key in chkProxy_maxmind.php file if you wish to use Maxmind's database to check IPs.
5) Set $email in both chkProxy files.
6) Upload the chkProxy files into your WHMCS's hooks directory (/includes/hooks/).
7) Upload the last_50_proxy_checks files into your WHMCS's reports directory (/modules/reports/).
8) Run these query to create the database tables (run this command in phpMyAdmin, Adminer, SQLBuddy, command line, or your MySQL editor of choice):
-- START QUERY
CREATE TABLE IF NOT EXISTS `mod_chkproxy_mm` (
`chkid` int(11) NOT NULL AUTO_INCREMENT,
`ipaddr` varchar(40) NOT NULL,
`proxyscore` varchar(4) NOT NULL,
`ignore` int(1) NOT NULL DEFAULT '0',
`dt` TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`chkid`)
);
CREATE TABLE IF NOT EXISTS `mod_chkproxy_gii` (
`chkid` int(11) NOT NULL AUTO_INCREMENT,
`ipaddr` varchar(40) NOT NULL,
`proxyscore` varchar(4) NOT NULL,
`ignore` int(1) NOT NULL DEFAULT '0',
`dt` TIMESTAMP ON UPDATE CURRENT_TIMESTAMP,
PRIMARY KEY (`chkid`)
);
-- END QUERY
//Optional:
A) Edit $max_score to fine tune detection (lower means will block more proxies but also have a higher change of blocking legit clients also). SEE ADDITIONAL INFORMATION.
B) Edit $error to fit your needs and match your template. To test your error message without access to a proxy/VPN, just set the $max_score to 0.00 to force the message to trigger (no orders will be processed until this is changed back).
//Additional Information:
You can run both hooks (Maxmind and GetIPIntel) in tandem or you can pick one to run instead.
MAXMIND - A paid service with highly accurate proxy/VPN database. Founded in 2002 and proven reliable. Fewer false positives but fails to identify some proxy/VPNs.
A $max_score of 1.7-1.8 is recommended. I've found that many large data centers return a score of 1.8 and every US residential ISP that I've tested has been a 0.00 so you can adjust accordingly. If you want to find the score of a specific IP address use the following URL in your browser:
https://minfraud.maxmind.com/app/ipauth_http?l=YOURLICENCEKEY&i=IPADDRESS
GETIPINTEL - A free service with a fairly accurate proxy/VPN detection algorithm. Founded in 2014 and constantly improving. More false positives but identifies more proxy/VPNs than Maxmind.
A $max_score of 0.95 is recommended to prevent false positives and as the service matures the recommended $max_score will be lowered. Set to 1 if you want to just block known bad IPs. More details about this project can be found at http://getipintel.net and if you want to find the score of a specific IP address use the following URL in your browser:
http://check.getipintel.net/check.php?ip=IPADDRESS&contact=EMAIL
If your website is behind a reverse proxy (i.e. CloudFlare) this hook might not work. You will need to configure your webserver to display the correct IP address of visitors.