Web Analytics Made Easy -
StatCounter Resolve Real IP - CodingForum

Announcement

Collapse
No announcement yet.

Resolve Real IP

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Resolve Real IP

    Hi,

    I can get the apparent IP from $_SERVER['REMOTE_ADDR'];

    However, how can I find the real IP if the user is behind a proxy?

    I know it must be possible as some "whatismyip" sites do it.

    Thanks,

  • #2
    No it is not really possible. A proxy may or may not send a header it's forwarding for some other computer but that header may be false.
    I'm not sure if this was any help, but I hope it didn't make you stupider.

    Experience is something you get just after you really need it.
    PHP Installation Guide Feedback welcome.

    Comment


    • #3
      Aha headers. I've googled that and come up with HTTP_X_FORWARDED_FOR. That'll do for now.

      Comment


      • #4
        The REMOTE_ADDR is obtained directly from the TCP/IP packets. It is the IP address of the physical device that made the request to the server and where the response will be sent back. If the visitor is using a proxy or is behind a router, the IP address will be that of the proxy/router...

        All of the HTTP_xxxxx values are sent using headers. All of these are optional. A browser and/or script can set them to any value or not set them at all. You cannot rely on any of them being present and you cannot rely on the value. For one visitor HTTP_X_FORWARDED_FOR might be set. For the next visitor, not set. For the next visitor using a proxy script, it might be set to a value you have not banned because this visitor's true IP address has been banned.
        Finding out HOW to do something is called research, i.e. keep searching until you find the answer. After you attempt to do something and cannot solve a problem with it yourself, would be when you ask others for help.

        Comment


        • #5
          That might worry me, but I need this for a game master server (in PHP!!), so it's in the user's interest to have a correct IP. I will check HTTP_X_FORWARDED_FOR, and if present i'll use it. In my case it would be required as I am behind a (transparent) web cache.

          Comment


          • #6
            If you are using the IP address for authentication between visits and are expecting the same computer to have the same IP address, don't forget that most of the people on the planet have dynamic IP addresses. Those with dial up access get a different IP address on each connection. Those with cable/DSL connections get a new IP address whenever their router is reset/power loss...
            Finding out HOW to do something is called research, i.e. keep searching until you find the answer. After you attempt to do something and cannot solve a problem with it yourself, would be when you ask others for help.

            Comment


            • #7
              Is there a way to do something like this:

              if HTTP_X_FORWARDED_FOR contains (an IP address) then echo HTTP_X_FORWARDED_FOR

              else

              echo REMOTE_ADDR
              Can someone show how to do that?

              Would that be a little better at finding IPs? I noticed if I'm behind a proxy, there are some sites that still find my actual IP - like my IPB forums. Is this how they do it?
              <div> - putting your mind in a box since 1997

              Comment


              • #8
                Code:
                // get user IP accounting for transparent proxies. Anonymous proxies won't work.
                
                $sourceIP = $_SERVER['REMOTE_ADDR'];
                
                if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
                {
                	$sourceIP = $_SERVER['HTTP_X_FORWARDED_FOR'];
                }
                else if (isset($_SERVER['HTTP_VIA']))
                {
                	$sourceIP = $_SERVER['HTTP_VIA'];
                }
                
                echo $sourceIP;
                as I use in my script

                Comment


                • #9
                  Wow, shweet! And you gave me another idea/question.

                  I'm wanting to use this to cut down on fraud on my site... is there a way to flag a visitor who is using an anonymous proxy?

                  if HTTP_X_FORWARDED_FOR contains (an IP address) then echo HTTP_X_FORWARDED_FOR

                  else if

                  REMOTE_ADDR contains (an IP address) then echo REMOTE_ADDR

                  else

                  echo "Who are you hiding from, Big Brother?"






                  *edit*
                  // get user IP accounting for transparent proxies. Anonymous proxies won't work.

                  $sourceIP = $_SERVER['REMOTE_ADDR'];

                  if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
                  {
                  $sourceIP = $_SERVER['HTTP_X_FORWARDED_FOR'];
                  }
                  else if (isset($_SERVER['HTTP_VIA']))
                  {
                  $sourceIP = $_SERVER['HTTP_VIA'];
                  }


                  else
                  $sourceIP = "Anonymous? No Access!"; end;


                  echo $sourceIP;

                  Is it as easy as that? I'm not on an Anonymous proxy, so I don't know if that'll work...
                  Last edited by ArcticFox; Jan 24, 2007, 02:16 PM.
                  <div> - putting your mind in a box since 1997

                  Comment


                  • #10
                    No, if it's truly anonymous there's no way of telling. :O (I think)

                    Comment


                    • #11
                      I can set me a HTTP_X_FORWARDED_FOR header containing your IP and if you trust that header and ban the IP, you'll be banning yourself.
                      I'm not sure if this was any help, but I hope it didn't make you stupider.

                      Experience is something you get just after you really need it.
                      PHP Installation Guide Feedback welcome.

                      Comment

                      Working...
                      X