I've tried to get the IP address of client browsing the site using
$_SERVER['REMOTE_ADDR'], but I'm not getting the exact IP of the client
please help me... Thanks
$_SERVER['REMOTE_ADDR']
is the best you will get really.
There are various other headers that can be sent by the client (HTTP_FORWARDED_FOR et al.) - see this question for a complete overview - but these can be freely manipulated by the client and are not to be deemed reliable.
// Get the real client IP
function getIP() {
if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown")) {
$ip = getenv("HTTP_CLIENT_IP");
} else if (getenv("HTTP_X_FORWARDED_FOR") && strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown")) {
$ip = getenv("HTTP_X_FORWARDED_FOR");
} else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown")) {
$ip = getenv("REMOTE_ADDR");
} else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] && strcasecmp($_SERVER['REMOTE_ADDR'], "unknown")) {
$ip = $_SERVER['REMOTE_ADDR'];
} else {
$ip = "unknown";
}
return($ip);
}
The IP address that the server sees is the client's public-facing IP address. If they're behind a NAT router, they will have a different address inside their network.
If you run ipconfig (Windows) or ifconfig (Unix-y systems) on the client machine, you'll get their local IP address. If it's in the 192.168.x.x or 10.x.x.x ranges, they're behind a NAT router and the internet will see them coming from a different address.
If user is behind a proxy you will be getting the IP of the proxy. The user IP would be then either one of these (you'd need to check both):
$_SERVER['HTTP_CLIENT_IP']
$_SERVER['HTTP_X_FORWARDED_FOR']
If any of them is set, then user is behind a proxy (unless he is faking those headers) and you should use them as the source IP.
Else use $_SERVER['REMOTE_ADDR'].
Related
I want to browse some sites using a proxy, so I want to change the IP address of my client to the specified IP.
I am also testing it on localhost, so my goal is to visit my localhost site with PHP script (also localhost). The problem is how to test this (maybe some simple test by writing out changed IP to file).
I'm not entirely sure what exactly you mean, but you can check your clients IP address with this:
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
$ip = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip = $_SERVER['REMOTE_ADDR'];
}
echo $ip;
Ofcourse this will not change your clients IP address. You need an actual proxy server for that.
I have PHP code that is supposed to detect a user's IP address. The code below returns an IP address, but the IP address is sometimes a local network IP (e.g. 10.0.0.1) and not a public IP. How can I ensure that I always get the public IP? Thanks. BTW, this code is from another StackOverflow post. Also, this code is used in a website that is being accessed over the internet from a completely separate network than that of my Apache web server.
if (isset($_SERVER["HTTP_CLIENT_IP"])){
$ip = $_SERVER["HTTP_CLIENT_IP"];
} elseif (isset($_SERVER["HTTP_X_FORWARDED_FOR"])){
$ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
} elseif (isset($_SERVER["HTTP_X_FORWARDED"])){
$ip = $_SERVER["HTTP_X_FORWARDED"];
} elseif (isset($_SERVER["HTTP_FORWARDED_FOR"])){
$ip = $_SERVER["HTTP_FORWARDED_FOR"];
} elseif (isset($_SERVER["HTTP_FORWARDED"])){
$ip = $_SERVER["HTTP_FORWARDED"];
} else {
$ip = $_SERVER["REMOTE_ADDR"];
}
Eliminate all the if(){} else{} code, and just request the REMOTE_ADDR:
$ip = $_SERVER["REMOTE_ADDR"];
It's the only reliable source of a user's remote IP address as all the other _SERVER keys can be masked by the client.
If the IP address is still local (and youre SURE that you're dealing with clients not in the networks or on a local VPN) the you may be dealing with either a server caching system (Squid Proxy eg). Have a look at http://www.nineteenlabs.com/2007/08/24/high-anonymous-proxy-squid-25/
here i am using $_SERVER['remote_addr'] i am getting the IP address INTERNET providers. please help me out.
function getRealIpAddr()
{
if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet
{
$ip=$_SERVER['HTTP_CLIENT_IP'];
}
elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy
{
$ip=$_SERVER['HTTP_X_FORWARDED_FOR'];
}
else
{
$ip=$_SERVER['REMOTE_ADDR'];
}
return $ip;
}
It would seem that the question is looking for the server's IP address, and the problem is that the supplied code is returning the remote IP. If you want the IP address of the server, try $_SERVER['SERVER_ADDR'] . See $_SERVER for more details, or clearly define what you mean by "system IP".
You will not be able to get the client's local IP address from PHP like this, you will only ever get the
common gateway IP address
as you put it. This is because the request will appear to be coming from the router or whatever is between your client and the web server
i have following php code to get vistor ip
function VisitorIP()
{
if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
$TheIp=$_SERVER['HTTP_X_FORWARDED_FOR'];
else $TheIp=$_SERVER['REMOTE_ADDR'];
return trim($TheIp);
}
$Users_IP_address = VisitorIP();
but every time i execute this script on my localhost i got ::1 as IP
how can i get exact internet IP & system IP address
because my script will run on LAN nwteork and i want to record IP of lan pcs & internet IP and save it in mysql database.
i need PHP code which privide local system IP and system internet IP.
Thanks
Technically, you are getting the right IP. ::1 is your loopback (localhost) IPv6 address.
First, throw this stupid function away, because HTTP_X_FORWARDED_FOR is not an IP address but merely an HTTP header, and make it just
$Users_IP_address = $_SERVER['REMOTE_ADDR'];
Next, you have to set up your server to work with ipv4, not ipv6.
Though it is not really a PHP question and should be asked on the serverfault, provided with full system setup: OS, version, your rights etc.
When you run above script on localhost you can get ::1 this result.
It's very common.
If you want to get your system IP address with localhost use this code.
1) Script for localhost
<?PHP
$ip = #file_get_contents("http://www.apps-tube.com/apps/ip-address/ip.php");
echo $ip;
?>
2) Script for Servers
<?PHP
function getUserIP()
{
$client = #$_SERVER['HTTP_CLIENT_IP'];
$forward = #$_SERVER['HTTP_X_FORWARDED_FOR'];
$remote = $_SERVER['REMOTE_ADDR'];
if(filter_var($client, FILTER_VALIDATE_IP))
{
$ip = $client;
}
elseif(filter_var($forward, FILTER_VALIDATE_IP))
{
$ip = $forward;
}
else
{
$ip = $remote;
}
return $ip;
}
$user_ip = getUserIP();
echo $user_ip; // Output IP address [Ex: 177.87.193.134]
?>
Is there a way to collect the IP address of a client connected to your website through a proxy server?
The entire setup is an internal LAN and through the sysadmin, I have control over the proxy machine as well. I am using PHP5 for the website server side.
I tried $_SERVER['REMOTE_ADDR'] in PHP but this variable just stores the IP address of the proxy.
Any ideas?
The standard solution (in php) is:
if ($_SERVER['HTTP_X_FORWARDED_FOR']){
$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
}
else{
$ip = $_SERVER['REMOTE_ADDR'];
}
But as the first answer says this all depends on the header actually being set.
It depends on the proxy. Some proxies add a header which gives the original IP address, the X-Forwarded-For header, but given that most companies uses proxies to hide the internal network structure that's rare. If this is the case then you're not going to be able to do it easily.
If you have control over the proxy then it's time to read the proxy documentation to see how to add that header.
X-Forwarded-For is the only way to get client's IP address. Check if there is a way to enable that in your proxy.
On some proxy, it gives you option how to handle existing XFF header (when request passes through multiple proxies). Here is what you need to consider,
If the client address is for security/trust purposes (like ACL or rate-limiting), existing XFF header should be dropped by proxy.
If the address is for information only (logging, debugging), you should append peer address to existing XFF, separated by comma. The first IP on the list would be the client's IP.
This code can be used to get the client's IP address who's connecting through a proxy.
public static String getClientIpAddr(HttpServletRequest request) {
String ip = request.getHeader("X-Forwarded-For");
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("WL-Proxy-Client-IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_CLIENT_IP");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getHeader("HTTP_X_FORWARDED_FOR");
}
if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {
ip = request.getRemoteAddr();
}
return ip;
}
But it detects only when proxy is transparent.
Below is the information on HTTP proxy:
Not using any proxy server:
request.getRemoteAddr() = IP address of client
request.getHeader("HTTP_X_FORWARDED_FOR") = No value or No display
Use Transparent Proxies:
HTTP_X_FORWARDED_FOR = Real IP address of client
Use Normal Anonymous Proxies:
request.getRemoteAddr() = IP address of proxy server
HTTP_X_FORWARDED_FOR = IP address of proxy server