Jump to content

HTTP_X_FORWARDED_FOR ISSUE


andre3

Recommended Posts

Hey guys, when i use this to return someones ip:  $_SERVER['REMOTE_ADDR']; it returns the server ip address, an it happends because www is handled as a forward on my server , however i use this function to get the persons real ip address:

 

public function original_ip()
{
    if (!empty($_SERVER['HTTP_CLIENT_IP']))   //check ip from share internet
    {
      $ip=$_SERVER['HTTP_CLIENT_IP'];
    }
    elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))   //to check ip is pass from proxy
    {
      $ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
    }
    else
    {
      $ip=$_SERVER['REMOTE_ADDR'];
    }

return $ip;
}

 

but when i capture the ip address in a sql table, some of them are like this: 195.189.142.252 , 10.22.333.33  that i want to know is, which is the persons real ip address ? i did a explode on it, to get one ip address instead of 2, an it worked farely well.. although ive done that the mystery questions remains, 'which is the real ip' i would really appreciate some help. Thanks

Link to comment
Share on other sites

The first one is the clients IP and the ones after (maybe more then one) is the proxies IP

 

EDIT: okay I should also say that this is true for transparent proxies but NOT true for anonymous proxies.

if HTTP_X_FORWARDED_FOR exists then a proxy is being used

but a distorting proxy with give you a random number in HTTP_X_FORWARDED_FOR,

but in a highly anonymity proxy you will not see HTTP_X_FORWARDED_FOR or HTTP_VIA

 

Link to comment
Share on other sites

What part don't you understand ?

 

The first IP is the likely clients IP, but that's not always true, for example distorting proxy will give you fake info and a highly anonymity will only give you the proxy IP without setting HTTP_X_FORWARDED_FOR or HTTP_VIA

Link to comment
Share on other sites

This thread is more than a year old. Please don't revive it unless you have something important to add.

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.