$ _ SERVER [& quot; REMOTE_ADDR & quot;] is often used to obtain the client IP address in PHP. However, if the client uses a proxy SERVER to access the client IP address in PHP, $ _ SERVER ["REMOTE_ADDR"] is often used. However, if the client is accessed by a proxy server, the IP address of the proxy server is obtained, rather than the real IP address of the client. To obtain the real IP address of the client through the proxy SERVER, use $ _ SERVER ["HTTP_X_FORWARDED_FOR"] to read it.
But only when the client uses a "transparent proxy", the value of $ _ SERVER ["HTTP_X_FORWARDED_FOR"] is the real IP address of the client (if it is a multi-layer proxy, this value may be composed of the real IP address of the client and the IP addresses of multiple proxy servers, separated by commas ), in the case of "anonymous proxy" and "fraudulent proxy", it is the IP address of the proxy server (if it is a multi-layer proxy, this value may be composed of the IP addresses of multiple proxy servers, separated by commas (,). The value is null in the case of "high anonymous proxy.
The REMOTE_ADDR and HTTP_FORWARDED_FOR values in the HTTP header are described in detail below. assume that the real IP address of the client is 221.5.252.160:
1. PHP that does not use the proxy server to obtain the client IP address:
REMOTE_ADDR = client IP address
HTTP_X_FORWARDED_FOR = no value or no Display
II. Transparent Proxy Server: Transparent Proxies
REMOTE_ADDR = IP address of the last proxy server
HTTP_X_FORWARDED_FOR = real client IP address (when multiple proxy servers are used, this value is similar to: 221.5.252.160, 203.98.1820.3, 203.129.72.215)
This type of proxy server still sends the real IP address of the client to the access object, which cannot hide the real identity.
3. use PHP on the normal Anonymous proxy server to obtain the client IP address: Anonymous Proxies
REMOTE_ADDR = IP address of the last proxy server
HTTP_X_FORWARDED_FOR = proxy server IP address (when multiple proxy servers are used, this value is similar to: 203.98.1820.3, 203.98.1820.3, 203.129.72.215)
In this case, the real IP address of the client is hidden, but the client accesses the client by using a proxy server.
IV. destorting Proxies
REMOTE_ADDR = proxy server IP address
HTTP_X_FORWARDED_FOR = random IP address (when multiple proxy servers are used, this value is similar to: 220.4.251.159, 203.98.1820.3, 203.129.72.215)
In this case, we also revealed that the client uses a proxy server, but fabricated a false random IP address (220.4.251.159) to replace the real IP address of the client to cheat it.
5. use PHP on the highly anonymous proxy server to obtain the client IP address: High Anonymity Proxies (Elite proxies)
REMOTE_ADDR = proxy server IP address
HTTP_X_FORWARDED_FOR = no value or no Display
Whether it is REMOTE_ADDR or HTTP_FORWARDED_FOR, these header messages may not be obtained, because different network devices in different browsers may send different IP header messages. Therefore, PHP uses $ _ SERVER ["REMOTE_ADDR"] and $ _ SERVER ["HTTP_X_FORWARDED_FOR"] to obtain a null value or an "unknown" value.
Therefore, the code for getting the client IP address using PHP can be as follows:
Function getip () {$ unknown = 'unknown '; if (isset ($ _ SERVER ['http _ X_FORWARDED_FOR']) & $ _ SERVER ['http _ X_FORWARDED_FOR '] & strcasecmp ($ _ SERVER ['http _ X_FORWARDED_FOR'], $ unknown )) {$ ip = $ _ SERVER ['http _ X_FORWARDED_FOR '];} elseif (isset ($ _ SERVER ['remote _ ADDR']) & $ _ SERVER ['remote _ ADDR '] & strcasecmp ($ _ SERVER ['remote _ ADDR'], $ unknown )) {$ ip = $ _ SERVER ['remote _ ADDR '];}/*** handle multi-layer proxies * or use Regular expression: $ ip = preg_match ("/[\ d \.] * {7, 15}/", $ ip, $ matches )? $ Matches [0]: $ unknown; */if (false! = Strpos ($ ip, ',') $ ip = reset (explode (',', $ ip); return $ ip ;}