$_server["REMOTE_ADDR" is often used in PHP to obtain client IP.
(1) But if the client is using a proxy server for access, then the IP address of the proxy server is taken, not the real client IP address. To obtain the client's true IP address through a proxy server, you must use $_server["http_x_forwarded_for" to read it.
(2) But only if the client uses "Transparent proxy", the value of the $_server["Http_x_forwarded_for" is the client's true IP (if it is a multi-layer proxy, the value may be composed of IP and multiple proxy servers by the client, by commas "," Delimited).
(3) In the case of "anonymous agent" or "deceptive Agent", the IP value of the proxy server (if it is a multi-layer proxy, this value may be composed of IP of multiple proxy servers, separated by commas ",").
(4) is a null value in the case of "high anonymous agent".
The REMOTE_ADDR and Http_forwarded_for values in HTTP header information are analyzed as follows, assuming that the client real IP is 221.5.252.160:
One, do not use proxy server PHP to obtain client IP situation:
Second, the use of transparent proxy server situation: transparent proxies
This kind of proxy server still sends the client real IP to the Access object, cannot achieve the goal which hides the true identity.
Third, the use of ordinary anonymous proxy server PHP to obtain client IP situation: Anonymous proxies
In this case, the client's true IP is hidden, but it is revealed to the Access object that the client uses a proxy server to access them.
Iv. use of deceptive proxy servers: distorting proxies
This case also revealed that the client is using a proxy server, but fabricated a false random IP (220.4.251.159) instead of the client's real IP to deceive it.
V. Use high anonymous proxy server PHP to obtain client IP situation: Gao anonymity proxies (Elite proxies)
Http_via= no value or no display
Http_x_forwarded_for = no value or no display.
Either REMOTE_ADDR or http_forwarded_for, these header messages may not be able to be obtained because different browser different network devices may send different IP header messages. So PHP uses $_server["REMOTE_ADDR"], $_server["http_x_forwarded_for"] to get a value that might be a null value or a "unknown" value.
Another point to note when PHP gets the client IP is that using the function getenv (' http_x_forwarded_for ') or getenv (' remote_addr ') can achieve the same effect as the code above. But getenv () does not support PHP that runs in the IIS ISAPI mode.
REMOTE_ADDR is the IP of your client when you "shake hands" with your server. If you use anonymous agent, REMOTE_ADDR will display the IP of the proxy server.
HTTP_CLIENT_IP is the HTTP header sent by the proxy server. If it is a "Super anonymous Agent", the None value is returned. Similarly, REMOTE_ADDR will also be replaced with the IP of this proxy server.
$_server[' REMOTE_ADDR ']; IP of the access end (possibly a user, possibly a proxy)
$_server[' Http_client_ip ']; Agent-side (may exist, may be forged)
$_server[' http_x_forwarded_for ']; The user is in which IP to use the proxy (may exist, can also forge)
The PHP code written according to the above:
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
