ProxyTracer LogoProxyTracer
Skip to Content
DocsIntegrationGo (net/http)

Go (net/http)

Go is designed for blazing-fast network services. Because ProxyTracer responds in under 10ms, calling it within a standard net/http middleware handler will not create any noticeable bottleneck in your goroutines.

The Middleware

This implementation safely extracts the IP from X-Forwarded-For headers, utilizes Go’s native http.Client with a strict timeout, and drops malicious connections immediately before they reach your heavy application logic.

package middleware
 
import (
    "encoding/json"
    "log"
    "net/http"
    "os"
    "strings"
    "time"
)
 
// ProxyTracerResponse maps exactly to the {"proxy": true|false} JSON response
type ProxyTracerResponse struct {
    Proxy bool `json:"proxy"`
}
 
func ProxyTracer(next http.Handler) http.Handler {
    apiKey := os.Getenv("PROXYTRACER_API_KEY")
    
    // Initialize a reusable client with a strict 500ms timeout
    client := &http.Client{
        Timeout: 500 * time.Millisecond,
    }
 
    return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
        // 1. Safely extract the real IP behind load balancers
        ip := r.Header.Get("X-Forwarded-For")
        if ip == "" {
            ip = strings.Split(r.RemoteAddr, ":")[0]
        } else {
            ip = strings.Split(ip, ",")[0]
        }
        ip = strings.TrimSpace(ip)
 
        // Pass through if local development
        if ip == "127.0.0.1" || ip == "::1" || ip == "" {
            next.ServeHTTP(w, r)
            return
        }
 
        // 2. Query ProxyTracer API
        req, err := http.NewRequest("GET", "https://api.proxytracer.com/v1/check/"+ip, nil)
        if err == nil {
            req.Header.Set("Authorization", "Bearer "+apiKey)
            resp, err := client.Do(req)
 
            if err == nil && resp.StatusCode == http.StatusOK {
                defer resp.Body.Close()
                
                var ptResp ProxyTracerResponse
                if err := json.NewDecoder(resp.Body).Decode(&ptResp); err == nil {
                    
                    // 3. Drop the connection if a proxy/VPN is detected
                    if ptResp.Proxy {
                        w.Header().Set("Content-Type", "application/json")
                        w.WriteHeader(http.StatusForbidden)
                        w.Write([]byte(`{"error": "Access Denied: VPN or Proxy detected."}`))
                        return // Short-circuits the handler chain
                    }
                }
            } else {
                // Fail open: Log the error and allow the request through to ensure uptime
                log.Printf("ProxyTracer API error: %v", err)
            }
        }
 
        // 4. Traffic is clean, proceed to the next handler
        next.ServeHTTP(w, r)
    })
}

Usage

Simply wrap your main router or specific sensitive endpoints with the middleware:

func main() {
    mux := http.NewServeMux()
    mux.HandleFunc("/api/secure-data", secureHandler)
 
    // Wrap the entire multiplexer in the ProxyTracer middleware
    log.Fatal(http.ListenAndServe(":8080", middleware.ProxyTracer(mux)))
}
Last updated on
FastAPI (Python)Laravel (PHP)