When it comes to proxies, it’s always smart to embrace a buyer beware philosophy. After all, proxies are hosted by strangers, and you have no idea what’s running on them. In addition, whether it’s intentional or not, many proxies leak information to the hosts they access.

For example, you may be using a proxy to hide your public IP, and might not want the site you seek to visit to know you are using a proxy. Proxies often expose these very details to servers in forwarded requests. So how is one supposed to find proxies that don’t do such?

At The Prox Is Right we have processes in place to gauge and test proxies for anonymity. Each time we check the availability of a proxy, we make requests via that proxy to one of our trusted destination servers, where we then look for the existence of the following telling headers, which are known to be passed along by proxies:

Proxy-Connection
Via
X-Forwarded-For
X-Proxy-ID
Xroxy-Connection
REMOTE-ADDR (If it is not the proxy IP)

We then score each proxy based on the existence of the above. However, we treat the question as binary as far as our results. If a proxy tells the destination server anything that says “this is a proxied request,” then it fails in our eyes. [via Attribution Labs Blog]