Last active
September 29, 2019 10:59
-
-
Save jeroenvisser101/cb7e01f58b229b946b99 to your computer and use it in GitHub Desktop.
Detecting people that use Tor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| /** | |
| * Class TorDetector | |
| * | |
| * Helps to detect if visitors are using a Tor browser to surf the website. | |
| * | |
| * Thanks to https://trac.torproject.org/projects/tor/wiki/doc/TorDNSExitList | |
| */ | |
| class TorDetector | |
| { | |
| /** | |
| * Checks if a user is currently reaching the server from a Tor exit node. | |
| * | |
| * @param string $remoteIp The IP of the visitor you'd like to check. | |
| * @param int $port The port on which the server is running. | |
| * @param string $serverIp Your server IP. | |
| * | |
| * @return bool | |
| */ | |
| public function check($remoteIp, $port, $serverIp) | |
| { | |
| $detectHost = sprintf( | |
| '%s.%s.%s.ip-port.exitlist.torproject.org', | |
| $remoteIp, | |
| $port, | |
| $this->reverseIPOctets($serverIp) | |
| ); | |
| // According to the guide, if this returns 127.0.0.2, it's a Tor exit node | |
| return gethostbyname($detectHost) === '127.0.0.2'; | |
| } | |
| /** | |
| * This function simply reverses the IP's octets. | |
| * | |
| * @param string $ip The IP to be reversed. | |
| * | |
| * @return string | |
| */ | |
| protected function reverseIPOctets($ip) | |
| { | |
| return implode('.', array_reverse(explode('.', $ip))); | |
| } | |
| } |
@dsoares correct and updated!
According to https://trac.torproject.org/projects/tor/wiki/doc/TorDNSExitList remoteIp need to be inverced too
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The correct syntax is:
return implode('.', array_reverse(explode('.', $ip)));