• 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Getting real IP behind a Proxy

#1
My site is behind the cloudproxy firewall from Securi.net

Using $ip = $this->input->ip_address() does not give me the real IP of visitors or myself.  I know that using that code is supposed to give the real IP from behind proxys, but it doesnt seem to do so.

Is there a work around for this that is secure? Or am I stuck with this? I have read several threads here, and there doesnt seem to be a valid work around.

Thank you
Reply

#2
With further reading, I am finding this is just about impossible

So I will refer this question to the cloudproxy firewall hosts and see if they can allow me to get the real addresses.

Thank you for reading
Reply

#3
The x-forwarded-host header might help, if that is forwarded by cloudproxy ...
https://developer.mozilla.org/en-US/docs...arded-Host
Reply

#4
I have Cloudflare in front of my site. Setting Cloudfront IP addresses to config.php file as $config['proxy_ips'] helped to get the real IP addresses of the user. Easy peasy.
Reply

#5
One way to retrieve real ip is to put this code on initialization(I used this for Cloudflare)

if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
$xffaddrs = explode(',',$_SERVER['HTTP_X_FORWARDED_FOR']);
$_SERVER['REMOTE_ADDR'] = $xffaddrs[0];
}
Reply

#6
Thanks folks, will try your suggestions!
Reply

#7
So far I have the firewall IP, and the remote IP. Thats all I can get. Both lock me out of my admin once I put it in the config. Other than that, I have no idea what to put in the config ip proxy setting

I tried to get the forwarded for ip, nothing. I put the below in, and got remote. I know its not secure and didnt leave it  in


Code:
if (!empty($_SERVER["HTTP_CLIENT_IP"]))
   {
     //check for ip from share internet
     $ip = $_SERVER["HTTP_CLIENT_IP"];
     echo "Client IP" . $ip;
   }
 if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))
   {
     // Check for the Proxy User
     $ip2 = $_SERVER["HTTP_X_FORWARDED_FOR"];
     echo "forwarded for " . $ip2;
   }

     $ip3 = $_SERVER["REMOTE_ADDR"];
     echo "remote" . $ip3;
Reply

#8
I found this not sure if it will help:

PHP Code:
if (isset($_SERVER['HTTP_X_SUCURI_CLIENTIP']))
{
 
   $_SERVER["REMOTE_ADDR"] = $_SERVER['HTTP_X_SUCURI_CLIENTIP'];

What did you Try? What did you Get? What did you Expect?

Joined CodeIgniter Community 2009.  ( Skype: insitfx )
Reply

#9
If you would simply check $_SERVER and all HTTP headers, you'd probably see what you need. It looks like InsiteFX has your answer.
Reply

#10
Thank you InsiteFX, will try it
Reply


Digg   Delicious   Reddit   Facebook   Twitter   StumbleUpon  


  Theme © 2014 iAndrew  
Powered By MyBB, © 2002-2020 MyBB Group.