Is there any way to block users if they try to log in from a proxy?
You can implement a custom rule that can fail an ongoing authentication transaction based on your own logic so technically the answer would be yes, although the decision about a given user being behind a proxy would have to be done in your custom logic.