I have created a web app through azure that entirely depends on a users location to give them the correct data e.t.c. It's an app that recommends places to go locally.
I'm using azure, cloudflare and codeigniter as the frame work.
I'm really getting stressed out, as when i'm home, i'm getting the right location, but the second i go on my website anywhere else, it never gets the accurate information.
When cheking the header $_SERVER['HTTP_CF_CONNECTING_IP']; i seem to be getting an ipv6 address, when i go to ipdata.co, their site loads my ipv4 address which gives exact accurate information. But when i enter the address from $_SERVER['HTTP_CF_CONNECTING_IP']; it gives me city null and every other option as null
does anyone have any suggestions on how to get the users IPV4 address through cloudflare and azure?
Or any suggestions on other ways to do this? It's prolonging the launch of my website.
I am pretty new to understand geo-location and ip addresses and all that, so please bare that in mind.
Thanks
The reason that you are getting IPV4 address from your home and IPv6 from somewhere else as by default, Cloudflare provides free IPv6 support to all domains without requiring additional configuration or hardware. If your origin web server is not compatible with IPv6, Cloudflare allows toggling IPv6 Compatibility to Off. You can disable the IPV6 Compatibility to Off from cloudflare.
Reference: https://support.cloudflare.com/hc/en-us/articles/229666767
Cloudflare put into this header whatever the connecting client IP is, so they really have little control over what the user-agent decides to do.
Also check if your network has ‘good’ IPv6 connectivity, or are you getting sub-optimal routing compared to IPv4.
Check this link for additional reference.
http://www.webhostingtalk.com/showthread.php?t=1692173
Related
I am running into an issue in relation to security and verification. I have a software that checks to confirm a user, and I need to make sure it's the same client sending a PHP request and a node server request. However, on the node server, the client's IP is shown in IPv4, and on the PHP it is shown in IPv6. Is there any way I can get the same output somewhere, for example extract the IPv6 on the node server, or the IPv4 on the PHP server? Thanks.
Obtaining the same IP or verifying that it is the same client despite a "different" IPv4 and IPv6
The problem is that IPv6 and IPv4 are not coupled in any way. There's no way to deduce a v6 address from the v4 address or the other way around.
In my humble opionion, verifying users by their IP addresses is something you should avoid as IP addresses are spoofable, and the practice leads to these kind of issues. That said, there are a couple of "solutions".
Disable IPv6 on the webserver that's hosting the PHP application. Since you haven't mentioned which type of webserver this is, you should be able to google something like 'disable ipv6 apache' on how to achieve this. This should garantuee an identical IPv4 address on both servers. I personally don't particularly like this solution as it hinders IPv6 adoption.
Enable IPv6 on the node server. Please note that clients can still prefer IPv4 over IPv6 for any reason at all and there's no way to garantuee that it will use IPv6 to both webservers.
You could proxy all calls from one webserver to the other and pass the original IP in for example an 'X-Forwarded-For' header. This will introduce some overhead, but the source IP will be stabler.
Personally, I'd shy away from using the IP address and implement some sort of token stored on the client that can be verified on both servers by means of a shared database if that is an option.
I rehosted my website after it was down for a year with a new SSL. I can only assume im getting this error because i used the same computer to do it.
I have reset the SSL cache, deleted browsing history but the website just gives me errors such as stylesheet failed to load becasue of "ERR_SSL_UNRECOGNIZED_NAME_ALER". The website works fine from other devices but on the same pc, it still gives errros on other browsers. What could be a solution.
The device in question is likely using a different IP to access the site then the other devices. This might be due to the old IP address still being cached in the PC (did you try to reboot?) or even hard coded (did you check hosts file) or it might be an issue of IPv4 vs. IPv6, i.e. your PC accessing the site by IPv6 but the site is only properly setup with IPv4 - which is used by the other systems.
Caching the old IP might also be done by non-local name servers, i.e. you might have a specific name server setup on your PC, it might be a name server on the router or on the ISP. In these cases other devices sharing the same DNS server would have the problem too though. If this is the case you might need to wait until the new DNS settings are sufficiently propagated through the internet, which might take in the worst case a few days but usually only hours.
I have website and have one page for receiving some news (newly registered users, activity, etc.) and is restricted for everyone except for my IP (Page for only me to view).
I'm interested if there is a way that someone else can "fake" my IP and view this file?
P.S. I am aware of other ways of doing this.
Usually, you dont get fixed IPs, most provider give dynamic IPs. So if you restart your Router, your IP will change and make it impossible to access the page again. If you get a fixed IP, it should work. He can ofc. modify the IP, but then he wont get the response back.
Converting my comments to an answer.
It depends on how you are trying to get the client's IP address. If you are:
only using $_SERVER['REMOTE_ADDR'] to get the ip address
don't have a shared ip address
don't use a (shared) proxy
You should be just fine, because a possible attacker can technically spoof the ip address, but that would not work because, (as Andrey) rightfully pointed out to me the tcp handshake would simply fail.
Some caveats:
Your IP may change at some point effectively locking yourself out.
When you are behind a proxy / internal -> external router / vpn / otherwise shared ip other people in the same network might also have access
Never ever ever use $_SERVER['HTTP_X_FORWARDED_FOR '] because this can be spoofed easily.
I'm a user of a certain forum, but recently my IP adress has been being blocked.That's not my fault but some users probalbly broke the rule and his ISP or IP address is same or close to mine, so I was enmeshed.
I rent a web server, so now I try to post comments to the forum from my server, but it fails.
When I post a comment using a form in the site, the error says that the referer was wrong.
I tried header() function using PHP but it doesn't work.
I tries to change referer but still it doesn't work.
I think if I could have a client in my web server, the IP and host change in posting comments, without changing referer information.But I don't know how to do this.
The restriction is temporary, maybe a few weeks, so I don't necessarily need a perfect and permanent solution.
Is there any ways to solve this problem?
If they're blocking you based on IP address, then it's the web IP address of your local network that they're blocking. If they've decided to block a range of IPs then you have a larger problem depending on your host.
A few things you can try:
Chances are (unless this is a work account) that you're using a dynamic ip address from your host. A lot of work accounts use a dynamic IP too, but you would need access to the modem (since you're probably not the corporate network administrator). Sometimes to get a new IP address from a completely different range by unplugging your cable or DSL modem and plugging it back in after about 30 seconds. Most electronics clear instantaneously (unless they have an onboard battery backup), but in the case of network components they purposely build in a few seconds of wait time in DHCP servers before providing a completely different IP address. Usually when I'm having a problem on my local network or doing an upgrade and unplug my modem after about 10 minutes of work when I plug my modem back in I have a new IP so I have to go through all of the trouble of re-whitelisting myself everywhere (so I know this works).
You could try connecting to the boards through your cell phone if you can tether your cell phone to your workstation or desktop. This will provide you with an IP address through the cell phone carrier's network (Note: it might violate the TOS).
You could do as #Bergi suggested and use a proxy. Some web browsers (like Opera) allow you to specify a proxy in the browser without forcing all of your desktop traffic to a different network. You can obtain a proxy server address from several resources, but this is one of my favorites. Be sure to use an HTTPS proxy in order to have the best defense against someone packet filtering and catching your credentials. People can still capture the initial handshake for SSL and decrypt your communications (so make sure this is what you want to do.)
You can try to force inject headers into the message board and make your server post for you. Good forum software will check the referrer and the user_agent to see if you are a "real person" (however real the programmer felt you needed to prove). If there is a CAPTCHA you will need to be able to see the image, hear the sound, or use a plug-in to break it. (This will require research). Chances are your web server is using a static IP, so there is nothing to prevent the board from blocking this one as well. (You will not be able to change it.) If the web host has strict guidelines about using their servers for this sort of thing it might *cost you your account*. I will not provide an example for this on this board. But you can check out a book called WebBots, Spiders, and Screen Scrapers.
Can some one help me to read out the IPv6?
I tried this Working with IPv6 Addresses in PHP but it does not work for me..
There is no problem to get the IPv4 over
echo $_SERVER['REMOTE_ADDR'];
but can someone tell me how i get the IPv6?
This Site can read both (IPv4 and IPv6): http://ipv6-test.com/api/. But I try it without any api, is that possible?
Thanks
You have the right idea, but the request has to be made with IPv6 if you want an IPv6 address.
The site you link to probably works by having a page that loads resource from a server only accessible via IPv6. If it works, then you know the address.
I would just build a site that fires off AJAX requests to the same server, one via IPv4 and one via IPv6. Use its IP addresses to rule out any local DNS issues where IPv6 may not be supported.