Monitor and block Proxy, VPN, TOR, abused IPS (and more) in PHP using REST-API

2020-09-24 16:15:00

Having private or sensitive sections on a web site means that fraudsters will try to take advantage of it.

While it is hard to protect a web site against every possible attack, fraudsters always hide their real location by using Proxy, VPN, and other methods...


The past few years these methods have evolved, making it harder to identify, but so did the IP detection technologies.

Our REST-API is a live database which means that checking the same IP twice in the same hour could produce different results. It is a good thing since it means the database is updated on the fly when IPs are reported to be fraudulent or dangerous.


Using FraudSentinel REST-API, you can easily incorporate IP verification mechanisms to your PHP scripts.

Our database is built from hundreds of sources, with millions of IPs, including not only a large section of Proxy, VPN, and TOR IPs but also Abused IPs, computers reported to be infected with malware, and more...


The PHP code is simple.

In this example, we used the PHP curl module, but the principle works with other libraries .

Note that you need to complete our free registration to get your REST-API token.


<?php

$curl = curl_init();
$url = "https://api.fraudsentinel.com/api/sentinel.json";
$token = "your api token"; // Your token available at https://www.fraudsentinel.com/restapi .
$data = array(
    'ip' => $ip,
    'api_token' => $token,
    'domain' => 'yourdomain.com', // The domain to show on your dashboard .
);
if (!empty($cid)) $data['cid']=$cid;
$url = sprintf("%s?%s", $url, http_build_query($data));
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_HEADER, 0);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, 0); // This is optional
$result = curl_exec($curl);

?>


The results are JSON encoded for this sample we will just check the main flag.


<?php

$xFlag = false;
if ($http_code == 400 && (!empty($result))) {
    $json = json_decode($result);
    if ((!empty($json)) && isset($json->status) && $json->status == "Expired") {
        $xFlag = "Expired"; // Expired means you have exeded your number of API calls.
    } else {
        $xFlag = "Error";
    }
} else if ($http_code != 200) {
    $xFlag = "Error";
} else {
    $json_ = $result;
    if (!empty($json_)) $json = json_decode($json_);
    if (empty($json)) {
        $xFlag = "Error";
    } else {
        if (isset($json->Flag)) $xFlag = $json->Flag;
    }
}
if ((!empty($xFlag))&&$xFlag=='Block') return true;

?>


You can look at the returned data using our IP tester form available at https://www.fraudsentinel.com/IPTester :



{
	"Flag": "Block",
	"Reason": "Dangerous",
	"IP": "127.0.0.1",
	"GEO": "-",
	"Timestamp": 1600783927,
	"db": {
		"Non-Residential": 3,
		"Suspicious": 9,
		"BlackListed": 2,
		"Dangerous": 1,
		"Spammer": 1
	},
	"live": {
		"karma": 0
	}
}


If you have questions, please do not hesitate to contact us at support@FraudSentinel.com .

Feedback
;
We use cookies to provide you with a better experience when accessing our website. They also help us to analyse how visitors use our website in order to improve the content and design of our website.
By continuing to use our site, you accept our use of Cookies, Privacy Policy and Terms of Use.