Detect if user is on a VPN

Discussion in 'Spigot Plugin Help' started by Gylax, Jan 29, 2020.

  1. So I'm currently making a plugin and inside it, it would include when you execute a certain command it returns if that user is on a vpn. (If it is it returns the text "YES" and if not then "NO")

    Not sure on how to actually return the result.

    Any help? would be appreciated!
     
  2. fergydanny

    fergydanny Previously SysAdamant
    Benefactor

    You will likely have to send requests to an API provided by a service that specializes in detecting if certain IPs are known to be a part of a VPN. There are tons of these services that you can find by googling "vpn detection api".
     
  3. Do you know any good free APIs i can take a look at?
     
  4. fergydanny

    fergydanny Previously SysAdamant
    Benefactor

    Depending on your usage I used https://getipintel.net/ for a while and it was pretty good but they charge for high usage, something else that I've seen people use is https://iphub.info/ However this may not be a problem if you only check each ip once and then store it somewhere. There are probably a million free ones out there but I haven't had any success with any. If you don't mind using a plugin for this tho https://www.spigotmc.org/resources/gatekeeper-advanced-antivpn-antiproxy.70895/ is free and has been working better than paid API's for me.
     
  5. PhanaticD

    Patron

    id also recommend getipintel, friendly owner as well
     
  6. Is there an example for VPN usage when I execute the command? I'm not sure on how to parse the json string "vpn" or whatever, only, not multiple like the country, city, region, etc...
     
  7. fergydanny

    fergydanny Previously SysAdamant
    Benefactor

    I don't really have a public example for you but personally to work with JSON data I've used the apache http client. Give that a look and you should be able to work something out
     
  8. @clx_ had a combination of two services that apparently work like a charm.

    One was proxycheck.io, not sure what the other one was.
     
  9. I strictly use proxycheck.io with almost no false positives.
     
  10. Hello this really is useless there are ways to bypass Anti-VPN
    the best way to block VPN is to use a GEOIP block is much more effective.
     
  11. I'm quite positive this just comes down to using a reliable provider with enough data to know which IP is a VPN or not. Or at least, could be.

    wat
     
  12. I have tried most of the anti vpn plugins and they are all the same, they are not able to offer real protection against vpn, there are ways to bypass these plugins
    If you really want people to use their real IP you just need to use a geoip blacklistIf you really want people to use their real IP you just need to use a geoip blacklist
     
    • Funny Funny x 3
  13. That's because they're all free, and they're most likely all bound to free services. Something like proxycheck.io (according to @clx_) is fantastic, but unrealistic to use in a public plugin unless explicitly specified that it may require a subscription. So unless you can link which plugins you've tried, and how their detection works, I think that's a bit biased.

    Again; wat. How do you plan on using some GeoIP info to detect if something is a VPN..? All it does is provide you with a very rough, often incorrect estimation of the coordinates, and what provider is behind the IP. Something like proxycheck.io literally does the same, but more.
     
  14. It's a complex thing to explain this to you
    we go in parts first the anti vpn plugins can generate errors or crash before bot attack since the APIs are not able to withstand as many connections per second
    and secondly, we are going to assume that your server is for example a French or German community or Spaniards. I have seen many servers which made the decision to block other regions which were not from the same country, thus avoiding the use of VPN and the use of altings and cheats users is really effective I have checked and used it for 4 years
    I hope this answers your question

    this may sound weird but there are premium servers which only allow you to enter with a client of the server itself this has pros and cons

    I have also seen servers which you have to buy a pass in the whitelist thing that seems abusive to me but it is another method of guaranteeing fair play in theory in practice many use hacks and make refunds

    Each community seeks methods to ensure fair play and reduce the use of hacks
     
  15. This practice is not only not followed by pretty much everyone here since I think most of us prefer international stuff, but it's also still not a valid approach against VPNs. You have a GEO block, not something that detects VPNs. I could still use a VPN from the same (your whitelisted) country and render your approach useless...
     
  16. Are you ok? One of the main selling points of VPNs is to bypass geo blocks
     
  17. @Gylax are you looking to block them completely too? if so, look at a plugin called AntiVPN or Gatekeeper. Otherwise, grab an API that's recommended by many.
     
    • Like Like x 1
  18. Practically the experiences I have had with anti VPN payment have not been good at all
    the only thing that has worked for me so far has been the aforementioned
     
  19. There is also a solution for this you just need an ipcheck plugin and problem solved and some antibots can avoid the use of proxies or VPNs even though I continue with mine I do not like anti VPNs do not work properly
    There is free VPN which can bypass any plugin