Getting users Real IP using PHP

Question

Getting users Real IP using PHP

I want to get a real IP address from users going to my site, even if they use a proxy site, for example hidemyass.com

This is the code I have, and thought it worked, but I tested it, and it doesn’t

<?php function getRealIpAddr() { if (!empty($_SERVER['HTTP_CLIENT_IP'])) //check ip from share internet { $ip=$_SERVER['HTTP_CLIENT_IP']; } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) //to check ip is pass from proxy { $ip=$_SERVER['HTTP_X_FORWARDED_FOR']; } else { $ip=$_SERVER['REMOTE_ADDR']; } return $ip; } ?>

I thought this code would work, but the proxy server bypasses it anyway.

Thanks in advance.

+2

php ip

Derrick Jan 13 '11 at 22:59

source share

6 answers

Amber · Answer 1 · 2011-01-13T23:00:26+0000

There is no guaranteed way to get a “real” IP address if the proxy does not want to tell you about it (and there will be no true anonymous proxy).

profitphp · Answer 2 · 2011-01-13T23:00:40+0000

You can not. The information you have is from apache / iis / whatever, and it only knows who is talking to your server, which in this case is a proxy. If the proxy does not want to send this information to the header, you will not receive it.

X-Forwarded-For is the best you can do, but it is unlikely that an anonymous proxy server will send this message.

Paul nathan · Answer 3 · 2011-01-13T23:08:05+0000

It is not possible to get a “real” IP address unless you implement some kind of application-level authentication protocol that encodes the IP address (which is also to be determined).

Why is this?

Since the IP data packet can be arbitrarily rewritten by someone in the middle who has access to it. For example, proxies, routers, gateways, etc.

IP data packet has this structure

 | stuff | src ip | dst ip | stuff | | .... | 32-bits| 32 bits | stuff |

So src ip are just bits, remember - they can be overwritten arbitrarily.

http://www.faqs.org/rfcs/rfc791.html will give more information.

James butler · Answer 4 · 2011-01-13T23:02:50+0000

If the proxy does not put the real IP address in the headers (general - depending on why the proxy is used) (usually in some form of "X-something"), you can only see the IP address of the proxy server.

bharath · Answer 5 · 2011-01-13T23:02:28+0000

I found a similar entry here to check for multiple headers to see if the user is using a proxy, which can help

determine if the user is using a proxy

user3884692 · Answer 6 · 2014-09-05T11:36:15+0000

Try it please

 function get_IP_address() { foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key){ if (array_key_exists($key, $_SERVER) === true){ foreach (explode(',', $_SERVER[$key]) as $IPaddress){ $IPaddress = trim($IPaddress); // Just to be safe if (filter_var($IPaddress, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) { return $IPaddress; } } } } }

Getting users Real IP using PHP

More articles: