Finding IP address of client connected through a p

2019-04-24 11:51发布

站内问答 / PHP
1682 4 5

Is there a way to collect the IP address of a client connected to your website through a proxy server?

The entire setup is an internal LAN and through the sysadmin, I have control over the proxy machine as well. I am using PHP5 for the website server side.

I tried $_SERVER['REMOTE_ADDR'] in PHP but this variable just stores the IP address of the proxy.

Any ideas?

4条回答
做自己的国王
2楼-- · 2019-04-24 12:16

This code can be used to get the client's IP address who's connecting through a proxy.

  public static String getClientIpAddr(HttpServletRequest request) {  
     String ip = request.getHeader("X-Forwarded-For");  

     if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
        ip = request.getHeader("Proxy-Client-IP");  
     }  

     if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
        ip = request.getHeader("WL-Proxy-Client-IP");  
     }  
     if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
        ip = request.getHeader("HTTP_CLIENT_IP");  
     }  

     if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
        ip = request.getHeader("HTTP_X_FORWARDED_FOR");  
     }

     if (ip == null || ip.length() == 0 || "unknown".equalsIgnoreCase(ip)) {  
        ip = request.getRemoteAddr();  
     }  

     return ip;  
  }

But it detects only when proxy is transparent.

Below is the information on HTTP proxy:

  1. Not using any proxy server:

    • request.getRemoteAddr() = IP address of client
    • request.getHeader("HTTP_X_FORWARDED_FOR") = No value or No display

  2. Use Transparent Proxies:

    • HTTP_X_FORWARDED_FOR = Real IP address of client

  3. Use Normal Anonymous Proxies:

    • request.getRemoteAddr() = IP address of proxy server
    • HTTP_X_FORWARDED_FOR = IP address of proxy server
查看更多
0人赞 添加讨论(0) 举报
相关推荐>>
3楼-- · 2019-04-24 12:31

X-Forwarded-For is the only way to get client's IP address. Check if there is a way to enable that in your proxy.

On some proxy, it gives you option how to handle existing XFF header (when request passes through multiple proxies). Here is what you need to consider,

  1. If the client address is for security/trust purposes (like ACL or rate-limiting), existing XFF header should be dropped by proxy.
  2. If the address is for information only (logging, debugging), you should append peer address to existing XFF, separated by comma. The first IP on the list would be the client's IP.
查看更多
0人赞 添加讨论(0) 举报
Summer. ? 凉城
4楼-- · 2019-04-24 12:32

It depends on the proxy. Some proxies add a header which gives the original IP address, the X-Forwarded-For header, but given that most companies uses proxies to hide the internal network structure that's rare. If this is the case then you're not going to be able to do it easily.

If you have control over the proxy then it's time to read the proxy documentation to see how to add that header.

查看更多
0人赞 添加讨论(0) 举报
戒情不戒烟
5楼-- · 2019-04-24 12:34

The standard solution (in php) is:

if ($_SERVER['HTTP_X_FORWARDED_FOR']){
    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} 
else{ 
    $ip = $_SERVER['REMOTE_ADDR'];
}

But as the first answer says this all depends on the header actually being set.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)