12
  1. How can a specific website detect that I'm surfing via proxy?
  2. Is there a way to use proxy and not get detected? If so, how?
WhiteWinterWolf
  • 19,082
  • 4
  • 58
  • 104
Sahar Avr
  • 171
  • 1
  • 1
  • 6

1 Answers1

20

A proxy will by default tell the destination the IP address of the original requester by adding a X-Forwarded-For HTTP header to the original HTTP request. This make it obviously easy for the server, not only to know that you are using a proxy, but also to know your actual IP address, effectively dropping your anonymity.

Then you have what is called an anonymous proxy or anonymizer. It is the very same software, however this time the proxy server has been configured in order to not add this header. The request therefore appears as originating from the proxy server itself, your own IP does not appear anywhere, thus preserving your anonymity.

However, while your anonymity remains preserved, i.e. the remote site cannot know your actual IP address, it can still determine that you are using a proxy:

  • There are list of proxy servers available around the net. If a server sees an incoming request originating from an IP address belonging to such lists, then he knows nearly for sure that this request went through a proxy.
  • Moreover, while the remote server does not know your IP which has been masqueraded by the proxy, all other headers composing your request generally remain untouched. These headers contains a lot of information, like your browser type and version, and the OS you are using.

    If a server receives a lot of requests coming from the very same IP address, but showing each time different browsers and OSes, the chances that this IP address is a proxy are rather high. However the server will have no definitive way to tell whether it is an open poxy, that is to say a proxy usable by anyone for instance in order to remain anonymous, or a legitimate private proxy, like you could find in any corporate environment.

There could still be some more advanced checking to be done on server-side like issuing a reverse lookup to get the DNS name associated to this source IP address to check if it corresponds to some well-known proxy services providers, but these may be heavier to put in place and be more error-prone than the X-Forwarded-For header or the known proxies IP lists. You can find some more techniques on this interesting answer.

Now, the best ways to ensure that the fact you are using a proxy is not detected:

  • Obviously do not claim you are using one, so use an anonymous proxy.
  • Turn off all advanced plugins like Flash and Java which could bypass your proxy settings and reveal your genuine address to the remote server (actually, I would recommend to turn them off in all cases as a sanity measure, but this is another subject).
  • Ideally setup your own private proxy server on some VPS provider. Such a private proxy server will have a very low requirement in terms of CPU and memory, so it could be very cheap. It must require an authentication (you do not want bad people do nasty things from your system, do you? ;) ), and ideally this proxy would be listening on a non-standard port and be firewalled to be joignable only by your IP,
  • If you want to hide your identity and not only your IP address, take care of anything which could link you with any hosting or proxy services you could rent (payment system, email address, IP used to fetch the emails, etc.).
WhiteWinterWolf
  • 19,082
  • 4
  • 58
  • 104
  • Thank you so much. **1**. What is the difference between `OpenVPN` and `PPTP`? **2**. If I use a software that disguises all my connections (like HMA) and lets me use my own browser, will the `UserAgentString` change accordingly? Or do those headers you talked about are being sent in a differeny way? – Sahar Avr Sep 18 '15 at 10:05
  • 1
    @SaharAvr: A proxy is called formally an *application proxy*, or here an *HTTP proxy*: they only handle the traffic generated by some applications. The other technologies you mention (called *VPN*) have a broader scope: they handle network traffic at large, not matter the application or protocol used. OpenVPN and PPTP are just two different VPN protocols. To make it short, PPTP provides a larger compatibility and OpenVPN provides a stronger encryption. Both hide your source IP effectively. However, none of them will alter your HTTP headers, so your `UserAgentString` will remain the same. – WhiteWinterWolf Sep 18 '15 at 11:45
  • I think another term for anonymous proxy is transparent proxy. – jiggunjer Nov 30 '15 at 04:15
  • 1
    @jiggunjer: No, they are not the same thing. A [transparent proxy](https://en.wikipedia.org/wiki/Proxy_server#Transparent_proxy) is a proxy intercepting browser's request on the network and which does not require any configuration on the browser, it may or may not hide the originator identity, and an [anonymous proxy](https://en.wikipedia.org/wiki/Anonymizer) hides the originator identity, it may or may not require a specific configuration on the browser to use it. – WhiteWinterWolf Nov 30 '15 at 08:55
  • thanks :) I've never had to configure anything in my browser with a proxy before, guess the distinction didn't occur to me. – jiggunjer Nov 30 '15 at 09:07
  • 1
    JavaScript has some features like stun servers in webrtc that also might leak your IP. (have not tested but tor disables that stuff) – user1133275 May 18 '16 at 17:39