IP-based blocking is sometimes necessary when abuses are coming from a particular location. However, for users of proxy servers — such as those using Opera’s Turbo feature or Opera Mini — blocking one IP also blocks all people using that proxy. There is a workaround, but first, some background.
What is Opera Turbo?
Opera Turbo is a feature of Opera Mobile and Opera Desktop. Turbo compresses data so that pages and images load faster over slower connections.
Compression takes place on one of Opera’s proxy servers. As with Opera Mini, the request goes from the desktop or mobile device to the proxy server. The proxy makes the request to the user-requested domain, receives and compresses the response, and returns it to the browser.
To see this in action, download Opera if you haven’t already. Launch it, then visit Whats My IP Address?. Make note of the reported IP. Then turn on Turbo using the icon in the status bar (
) and refresh the page.
When blocking by IP goes bad
This generally works smoothly until a server blocks a specific IP address. For example, if you visit Justin.tv, using Opera with Turbo enabled, you will received the following message: You have been blocked from using Justin.tv services, for more information please visit this page to learn more.
A rogue user caused Opera’s server IP address to be blocked, but the IP that originated the abusive request was not. That’s, obviously, a bad thing for Opera Turbo users.
Similar problems occur can occur with sites that geo-restrict content by IP address.
The X-Forwarded-For Header
That’s where the X-Forwarded-For header comes in. When in Turbo mode (or when using Opera Mini), Opera sends an additional X-Forwarded-For header that includes the IP address of the originating device.
The headers below are an example of what Opera desktop sends when Turbo is disabled.
User-Agent: Opera/9.80 (Macintosh; Intel Mac OS X 10.6.8; U; Edition Next; en) Presto/2.9.181 Version/12.00 Host: webinista.com Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 Accept-Language: en,en-US;q=0.9,ja;q=0.8,fr;q=0.7,de;q=0.6,es;q=0.5,it;q=0.4,pt;q=0.3,pt-PT;q=0.2,nl;q=0.1,sv;q=0.1,nb;q=0.1,da;q=0.1,fi;q=0.1,ru;q=0.1,pl;q=0.1,zh-CN;q=0.1,zh-TW;q=0.1,ko;q=0.1 Accept-Encoding: gzip, deflate Cache-Control: no-cache Connection: Keep-Alive
And this next set of headers is an example of what Opera sends when Turbo is enabled.
Host: webinista.com Accept-Language: en,en-US;q=0.9,ja;q=0.8,fr;q=0.7,de;q=0.6,es;q=0.5,it;q=0.4,pt;q=0.3,pt-PT;q=0.2,nl;q=0.1,sv;q=0.1,nb;q=0.1,da;q=0.1,fi;q=0.1,ru;q=0.1,pl;q=0.1,zh-CN;q=0.1,zh-TW;q=0.1,ko;q=0.1 User-Agent: Opera/9.80 (Macintosh; Intel Mac OS X 10.6.8; U; Edition Next; en) Presto/2.9.181 Version/12.00 Accept: text/html, application/xml;q=0.9, application/xhtml+xml, image/png, image/webp, image/jpeg, image/gif, image/x-xbitmap, */*;q=0.1 X-Forwarded-For: 78.93.91.42
Should you need to block a specific IP, you can check whether the X-Forwarded-For is included as a request header and if so, compare that IP to your list of blocked IPs.