How to get ip from a user using php?

5

I'm using the getenv("REMOTE_ADDR") function to get the ip of users who enter a certain page of my site and then I made a if to redirect that ip that is not equal to the variable of ip allowed. But when I play in the hosting it does not catch the ip of who is accessing but another ip .

Does anyone know why or do you know another method?

<?php

    $pegar_ip = $_SERVER["REMOTE_ADDR"];
    $ip_permitido = "ip_permitido";

    if ($pegar_ip == $ip_permitido) 
    {
       echo 'Ip Permitido!';
    } 
    else 
    { 
        header("Location: url");
    }

?>
    
asked by anonymous 23.01.2017 / 21:49

3 answers

8

If you are not using services such as CloudFlare , Incapsula or Sucuri , you can use

$_SERVER['REMOTE_ADDR'];

This will return the user's IP, if it is using proxy it will return the IP of the proxy it is using, however it is better than trusting X-FORWARDED-FOR .

If you are using CloudFlare :

$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];

If you are using Incapsula :

$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_INCAP_CLIENT_IP'];

If you are using Sucuri :

$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_SUCURI_CLIENTIP'];

Remember that it is extremely necessary to resort to direct connections to the server, restricting access to the site for connections originating from these services. Otherwise, it will allow an IP Spoofing. This is because any header can be changed or inserted by the client, in which case it could include an arbitrary HTTP_CF_CONNECTING_IP and send the request outside of CloudFlare.

In this case, CloudFlare only authorizes access to CloudFlare IPs , this will prevent someone from connecting directly to your server and specify an arbitrary HTTP_CF_CONNECTING_IP fault, #.

    
24.01.2017 / 07:14
3

The simplest way to get the IP address would be to use the $_SERVER variable, such as $_SERVER['REMOTE_ADDR'] or $_SERVER['REMOTE_HOST'] . However, these 2 variables do not always return the correct IP of the user / visitor, so you can use other variables, the best way to do this would be to create a function. I recommend that you look at the topic of the source, even in English, for an explanation and even better ideas.

Basically by creating a simple function:

function get_client_ip() {
    $ipaddress = '';
    if (isset($_SERVER['HTTP_CLIENT_IP']))
        $ipaddress = $_SERVER['HTTP_CLIENT_IP'];
    else if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
        $ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR'];
    else if(isset($_SERVER['HTTP_X_FORWARDED']))
        $ipaddress = $_SERVER['HTTP_X_FORWARDED'];
    else if(isset($_SERVER['HTTP_FORWARDED_FOR']))
        $ipaddress = $_SERVER['HTTP_FORWARDED_FOR'];
    else if(isset($_SERVER['HTTP_FORWARDED']))
        $ipaddress = $_SERVER['HTTP_FORWARDED'];
    else if(isset($_SERVER['REMOTE_ADDR']))
        $ipaddress = $_SERVER['REMOTE_ADDR'];
    else
        $ipaddress = 'UNKNOWN';
    return $ipaddress;
}
  

This function is not my own, but rather from a forum user stackoverflow, look at the source.

Source: Stackoverflow in English

    
23.01.2017 / 21:56
-1

Try this code:

<?PHP

function getUserIP()
{
    $client  = @$_SERVER['HTTP_CLIENT_IP'];
    $forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
    $remote  = $_SERVER['REMOTE_ADDR'];

    if(filter_var($client, FILTER_VALIDATE_IP))
    {
        $ip = $client;
    }
    elseif(filter_var($forward, FILTER_VALIDATE_IP))
    {
        $ip = $forward;
    }
    else
    {
        $ip = $remote;
    }

    return $ip;
}


$user_ip = getUserIP();

echo $user_ip; // Output IP address [Ex: 177.87.193.134]


?>

Do not forget to not access your page through the https://localhost link, instead, access the www.nomedoseusite.com link if you're hosted or IP :

https://192.168.0.1 //Seu número de IP
    
15.09.2017 / 03:01