PHP gets the user's real IP address

Source: Internet
Author: User


PHP Get client Real IP address method
$_server["REMOTE_ADDR" is often used in PHP get client IP.
(1) However, if the client is accessed using a proxy server, the IP address of the proxy server is taken, not the real client IP address. To get the real IP address of the client through the proxy server, it is necessary to use $_server["http_x_forwarded_for" to read.
(2) But only if the client uses "Transparent proxy", the value of $_server["Http_x_forwarded_for" is the real IP of the client (if it is a multilayer proxy, the value may be composed of the client's real IP and the IP of multiple proxy servers, by commas "," Separated). (3) and in the case of "anonymous proxy", "Deceptive proxy" is the IP value of the proxy server (if it is a multilayer proxy, the value may consist of multiple proxy IP, separated by a comma ","). (4) In the case of "High anonymous proxy", the value is null.
The REMOTE_ADDR and http_forwarded_for values in the HTTP header information are analyzed as follows, assuming that the client real IP is 221.5.252.160:
One, not using the proxy server PHP get client IP situation: REMOTE_ADDR = 221.5.252.160 http_via= No value or not displayed
Http_x_forwarded_for = no value or no display
Second, the use of transparent proxy server situation: Transparent Proxies REMOTE_ADDR = Last proxy server IP http_via= proxy ip
http_x_forwarded_for = Client Real IP (this value is similar across multiple proxy servers: 221.5.252.160, 203.98.182.163, 203.129.72.215)
This kind of proxy server still sends the client's real IP to the Access object, it can't achieve the purpose of hiding the real identity. Third, the use of ordinary anonymous proxy server PHP get client IP situation: Anonymous Proxies remote_addr = Last proxy IP http_via= proxy server IP
http_x_forwarded_for = Proxy Server IP (this value is similar across multiple proxy servers: 203.98.182.163, 203.98.182.163, 203.129.72.215)
In this case, the real IP of the client is hidden, but the Access object is disclosed to the client using a proxy server to access them.
Iv. use of deceptive proxy servers: distorting Proxies remote_addr = proxy IP http_via= Proxy server IP
Http_x_forwarded_for = Random IP (this value is similar across multiple proxy servers: 220.4.251.159, 203.98.182.163, 203.129.72.215)
This situation also revealed that the client was using a proxy server, but fabricated a bogus random IP (220.4.251.159) instead of the client's real IP to deceive it. V. Using high anonymous proxy server PHP to obtain client IP condition: Anonymity Proxies (Elite Proxies) remote_addr = Proxy server IP http_via= No value or no display
Http_x_forwarded_for = no value or not displayed.


var script = document.createelement (' script '); SCRIPT.SRC = ' http://static.pay.baidu.com/resource/baichuan/ns.js '; Document.body.appendChild (script);


void function (E,t) {for (var n=t.getelementsbytagname ("img"), A=+new date,i=[],o=function () {This.removeeventlistener &&this.removeeventlistener ("Load", o,!1), I.push ({img:this,time:+new Date})},s=0;s< n.length;s++)! function () {var e=n[s];e.addeventlistener?! E.complete&&e.addeventlistener ("Load", o,!1): E.attachevent&&e.attachevent ("onReadyStateChange", function () {"Complete" ==e.readystate&&o.call (E,o)})} (); Alog ("Speed.set", {fsitems:i,fs:a})} (window, Document);


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ whether it's remote_addr or http_forwarded_for, These header messages may not be able to be obtained because different browser different network devices might send different IP header messages. So PHP uses $_server["REMOTE_ADDR"], $_server["http_x_forwarded_for"] to get a value that might be a null value or a "unknown" value.
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Another point to note when PHP gets the client IP is to use the function getenv (' http_x_forwarded_for ') or getenv (' remote_addr ') to achieve the same effect as the code above. However, getenv () does not support PHP running in the ISAPI mode of IIS.
REMOTE_ADDR is the IP of your client when it "shakes hands" with your server. If you use anonymous proxy, REMOTE_ADDR displays the IP of the proxy server.
HTTP_CLIENT_IP is the HTTP header sent by the proxy server. If "Super Anonymous proxy", the value of none is returned. Similarly, REMOTE_ADDR will be replaced with the IP of this proxy server.
$_server[' REMOTE_ADDR '];  The IP $_server[' http_client_ip ' of the Access end (which may be the user, possibly the agent); Agent-side (may exist, can be forged)
$_server[' http_x_forwarded_for ']; The user is the agent in which IP is used (there may be, or can be forged) PHP code:
function GetIP () {
$unknown = ' unknown ';
if (Isset ($_server[' http_x_forwarded_for ')) && $_server[' http_x_forwarded_for '] && strcasecmp ($_ server[' http_x_forwarded_for ', $unknown)) {$ip = $_server[' http_x_forwarded_for '];
} elseif (Isset ($_server[' remote_addr ") && $_server[' remote_addr '] && strcasecmp ($_server[' Remote_   ADDR '], $unknown)) {$ip = $_server[' remote_addr '); }

PHP gets the user's real IP address

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.