Im geo locking our program, we have a service that returns the country code for us. But if someone is behind a router, they have a local 192.168.x.x address, and this tells me nothing. Is there a way to find out their address at the router? I could do a trace, but then i need to program logic myself about which ip is useful and which are not. I'm doing this code fromt he server in php, and our client web app is in javascript. Please advise.
Thanks
function get_real_ip() {
if (!empty($_SERVER['HTTP_X_FORWARED_FOR']))
{
$client_ip = $_SERVER['HTTP_X_FORWARED_FOR'];
}
elseif (!empty($_SERVER['HTTP_CLIENT_IP']))
{
$client_ip = $_SERVER['HTTP_CLIENT_IP'];
}
else
{
$client_ip = $_SERVER['REMOTE_ADDR'];
}
return $client_ip;
}
For server based software the PHP variable $_SERVER['REMOTE_ADDR'] will give the address of the client. For clients behind a router their address will be translated by the router firmware, so the server will see the router's public IP address, not the client's local private address.
All this is further confused by the possible presence of intervening proxy servers which may or may not tell you what their client address is. You can look at $_SERVER['HTTP_X_FORWRDED_FOR'] or $_SERVER['HTTP_CLIENT_IP'], if they're present. If not, you'll have to make do with the proxy address.
Related
I want to browse some sites using a proxy, so I want to change the IP address of my client to the specified IP.
I am also testing it on localhost, so my goal is to visit my localhost site with PHP script (also localhost). The problem is how to test this (maybe some simple test by writing out changed IP to file).
I'm not entirely sure what exactly you mean, but you can check your clients IP address with this:
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
echo $ip;
Ofcourse this will not change your clients IP address. You need an actual proxy server for that.
Hello i am using this function to get IP Address of different systems..but everytime it returns the same value: 117.239.82.182
function getRealIpAddr()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet
{
$ip=$_SERVER['HTTP_CLIENT_IP'];
}
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy
{
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip=$_SERVER['REMOTE_ADDR'];
}
return $ip;
}
EDIT: (The answer changed radically after some clarifications in the comments)
You could edit the User-Agent setting of the user's browsers. To see how to change the setting in various browsers follow this link. Then you should modify your PHP script to read User-Agent of the browser.
In PHP,$_SERVER['HTTP_USER_AGENT'] returns the browser's User-Agent setting. Eg. you can define as User-Agent something like Company/System/1.02 Bla bla bla. Then when you receive that same string you can assume it is coming from a known host.
Attention that the User-Agent can be easily spoofed. So this method is not secure. The secure solution would be to implement a VPN solution.
117.239.82.182 is an external IP address. If all the systems that connect to the PHP server are behind the same external IP address, all of them will be notet as the same IP address.
Your script doesn't take the local IP. Don't think it's even possible. The IP you are seeing, is the IP of the firewall of your company.
I have PHP code that is supposed to detect a user's IP address. The code below returns an IP address, but the IP address is sometimes a local network IP (e.g. 10.0.0.1) and not a public IP. How can I ensure that I always get the public IP? Thanks. BTW, this code is from another StackOverflow post. Also, this code is used in a website that is being accessed over the internet from a completely separate network than that of my Apache web server.
if (isset($_SERVER["HTTP_CLIENT_IP"])){
$ip = $_SERVER["HTTP_CLIENT_IP"];
} elseif (isset($_SERVER["HTTP_X_FORWARDED_FOR"])){
$ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
} elseif (isset($_SERVER["HTTP_X_FORWARDED"])){
$ip = $_SERVER["HTTP_X_FORWARDED"];
} elseif (isset($_SERVER["HTTP_FORWARDED_FOR"])){
$ip = $_SERVER["HTTP_FORWARDED_FOR"];
} elseif (isset($_SERVER["HTTP_FORWARDED"])){
$ip = $_SERVER["HTTP_FORWARDED"];
} else {
$ip = $_SERVER["REMOTE_ADDR"];
}
Eliminate all the if(){} else{} code, and just request the REMOTE_ADDR:
$ip = $_SERVER["REMOTE_ADDR"];
It's the only reliable source of a user's remote IP address as all the other _SERVER keys can be masked by the client.
If the IP address is still local (and youre SURE that you're dealing with clients not in the networks or on a local VPN) the you may be dealing with either a server caching system (Squid Proxy eg). Have a look at http://www.nineteenlabs.com/2007/08/24/high-anonymous-proxy-squid-25/
here i am using $_SERVER['remote_addr'] i am getting the IP address INTERNET providers. please help me out.
function getRealIpAddr()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet
{
$ip=$_SERVER['HTTP_CLIENT_IP'];
}
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy
{
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip=$_SERVER['REMOTE_ADDR'];
}
return $ip;
}
It would seem that the question is looking for the server's IP address, and the problem is that the supplied code is returning the remote IP. If you want the IP address of the server, try $_SERVER['SERVER_ADDR'] . See $_SERVER for more details, or clearly define what you mean by "system IP".
You will not be able to get the client's local IP address from PHP like this, you will only ever get the
common gateway IP address
as you put it. This is because the request will appear to be coming from the router or whatever is between your client and the web server
How can we track the Real IP address behind the proxy using PHP?I mean a pure PHP implementation.Because they can turn off the js of their browsers.BTW when the JS is turn on I may use HTML 5 geolocation so I don't need the IP address to locate the user.
You can look at the X-Forwarded-For HTTP header if one is sent, but there is no guaranteed way to know.
This PHP code will work, and is useful for forward and reverse proxies. For reverse proxies, note that the X_FORWARDED_FOR header information, if available at all, can be forged and should not be trusted at all.
if($_SERVER["HTTP_X_FORWARDED_FOR"] != ""){
$IP = $_SERVER["HTTP_X_FORWARDED_FOR"];
$proxy = $_SERVER["REMOTE_ADDR"];
$host = #gethostbyaddr($_SERVER["HTTP_X_FORWARDED_FOR"]);
}else{
$IP = $_SERVER["REMOTE_ADDR"];
$proxy = "No proxy detected";
$host = #gethostbyaddr($_SERVER["REMOTE_ADDR"]);
}
The user who is behind a proxy does not have a globally routable IP address. If you want to maintain session state, you're better off having a session key you generate, and setting it as a cookie, or keeping it in the URL (there are tradeoffs with that approach).
If you really want to find out what their IP address is on their own network, you could probably use javascript in the page to find it out, and then send it back to your server.