Getting Users Real IP address using PHP
I want to get the real IP address from users going on my site even if they use a proxy website like hidemyass.com
This is the code I have and thought it worked but I
-
You can't get the "real" IP address for sure unless you implement some sort of authentication protocol at the application layer that encodes the IP address (which is also subject to spoofin).
Why is this?
Because the IP data packet can be rewritten arbitrarily by someone "in the middle" who has access to it. E.g., a proxy, router, gateway, etc.
An IP data packet has this structure
| stuff | src ip | dst ip | stuff | | .... | 32-bits| 32 bits | stuff |So src ip - those are just bits, remember - can be overwritten arbitrarily.
http://www.faqs.org/rfcs/rfc791.html will give more information.
讨论(0) -
You can't. The info you have is from apache/iis/whatever, and it only knows who is talking to your server, which in this case, is the proxy. Unless the proxy wants to send along that info in a header, then you won't get it.
X-Forwarded-For is the best you can do, but its not likely an anonymous proxy will send that.
讨论(0) -
Unless the proxy puts the real ip address in the headers (common - depending on why the proxy is being used) (generally in some form of "X-something"), then you can only see the ip address of the proxy.
讨论(0) -
There is no guaranteed way to get a "real" IP address, if the proxy doesn't want to tell you about it (and any true anonymous proxy won't).
讨论(0) -
Try this please
function get_IP_address() { foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key){ if (array_key_exists($key, $_SERVER) === true){ foreach (explode(',', $_SERVER[$key]) as $IPaddress){ $IPaddress = trim($IPaddress); // Just to be safe if (filter_var($IPaddress, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) { return $IPaddress; } } } } }讨论(0)
加载中...
- 热议问题