How to Block Anonymous Proxies on Heroku

What is an Anonymous Proxy

A proxy server is any computer which is passing traffic through to a destination on behalf of another client.

In production systems, proxy applications like HAProxy, NGINX, or Squid handle this type of traffic shaping on servers in data centers alongside application servers.

Anonymous proxies are typically residential computers which have been compromised by malware. Unscrupulous companies will sell access to these proxies which are then used to launch attacks.

Why Block Anonymous Proxies

Naive web attacks are easy to track down, every request contains the IP address of the host the attack is originating from - anonyous proxies are a method often used by attackers to obscure the true location from where they are launching attacks.

Prerequisites

What you need to get started:

1. Expedited WAF add-on is setup in front of your application.

How to Block Anonymous Proxies on Heroku

Expedited WAF maintains a continually updated list of known anonymous proxies, which you can choose to block as a group from the Stop Attacks tab of your dashboard.

Notes

• A variety of techniques are used to identify anonymous proxies, but no detection system is 100%
• There are many legitimate uses of proxy servers for caching, inbound filtering and other production tasks, these will not be blocked by ExpeditedWAF.

More Reading

Learn more about anonymous proxies

• Anonymizer on Wikipedia
• Malware and Anonymous Proxies