During the interview a few days ago, I was asked what would be the problem with the IP address obtained through $_SERVER['SERVER_ADDR']? It must be "if the user cannot obtain the real IP address through a proxy". Fortunately, the interviewer did not ask further questions. So how to get the user’s real IP address?
Analysis
Nowadays, many users do not dial-up directly to access the Internet, but access the Internet through routers or other proxies. If we want to obtain the real IP address of the user client, we cannot directly use
$_SERVER['SERVER_ADDR'], because the IP address obtained in this way may be a **LAN** IP such as 192.168.1.99, not The user’s public IP address.Fortunately, when our access request passes through the public network routing or proxy server, the terminal will add the
X-Forwarded-Forheader information to the HTTP request. We can use this request header to obtain the real identity of the client. IP address.
Code
<code><span><span><?php </span><span>/**
* 获取用户的真实ip地址
*<span> @return</span> string
*/</span><span><span>function</span><span>get_client_ip</span><span>()</span>{</span><span>$headers</span> = <span>array</span>(<span>'HTTP_X_REAL_FORWARDED_FOR'</span>, <span>'HTTP_X_FORWARDED_FOR'</span>, <span>'HTTP_CLIENT_IP'</span>, <span>'REMOTE_ADDR'</span>);
<span>foreach</span> (<span>$headers</span><span>as</span><span>$h</span>){
<span>$ip</span> = <span>$_SERVER</span>[<span>$h</span>];
<span>// 有些ip可能隐匿,即为unknown</span><span>if</span> ( <span>isset</span>(<span>$ip</span>) && strcasecmp(<span>$ip</span>, <span>'unknown'</span>) ){
<span>break</span>;
}
}
<span>if</span>( <span>$ip</span> ){
<span>// 可能通过多个代理,其中第一个为真实ip地址</span><span>list</span>(<span>$ip</span>) = explode(<span>', '</span>, <span>$ip</span>, <span>2</span>);
}
<span>/* 如果是服务器自身访问,获取服务器的ip地址(该地址可能是局域网ip)
if ('127.0.0.1' == $ip){
$ip = $_SERVER['SERVER_ADDR'];
}
*/</span><span>return</span><span>$ip</span>;
}
<span>?></span></span></span></code>
Copyright Statement: This article is an original article by the blogger and may not be reproduced without the blogger's permission.
The above introduces PHP to obtain the user's real IP, including aspects of the content. I hope it will be helpful to friends who are interested in PHP tutorials.
ip与mac绑定什么意思Mar 09, 2023 pm 04:44 PMip与mac绑定是指将特定的IP地址与特定的MAC地址关联起来,使得只有使用该MAC地址的设备才能够使用该IP地址进行网络通信。ip与mac绑定可以防止被绑定的主机的IP地址不被假冒,前提条件:1、MAC地址是唯一的,并且不可假冒;只能绑定与路由器直接相连的网络上的主机(也就是主机的网关在路由器上)。
网站怎么通过nginx设置黑/白名单IP限制及国家城市IP访问限制Jun 01, 2023 pm 05:27 PM一、黑/白名单IP限制访问配置nginx配置黑白名单有好几种方式,这里只介绍常用的两种方法。1、第一种方法:allow、denydeny和allow指令属于ngx_http_access_module,nginx默认加载此模块,所以可直接使用。这种方式,最简单,最直接。设置类似防火墙iptable,使用方法:直接配置文件中添加:#白名单设置,allow后面为可访问IPlocation/{allow123.13.123.12;allow23.53.32.1/100;denyall;}#黑名单设置,
微信怎么查看ip地址May 31, 2023 am 09:16 AM微信查看ip地址的方法:1、登录电脑版微信,右键点击屏幕下方的任务栏,点击“任务管理器”;2、弹出任务管理器时,点击左下角的“详细信息”;3、任务管理器进入“性能”选项,点击“打开资源监视器”;4、选择“网络”,勾选微信进程“Wechat.exe”;5、点击下面的“TCP连接”即可监视微信网络IP相关情况,发送消息得到回复就会显示他人的IP地址。
nginx如何设置目录白名单和ip白名单May 18, 2023 pm 03:52 PM1.设置目录白名单:对指定请求路径不设置限制,如对请求路径为api目录下的请求不做限制,则可写为server{location/app{proxy_passhttp://192.168.1.111:8095/app;limit_connconn20;limit_rate500k;limit_reqzone=fooburst=5nodelay;}location/app/api{proxy_passhttp://192.168.1.111:8095/app/api}}#因nginx会优先进行精准匹
基于nginx反向代理如何获取用户真实Ip地址May 13, 2023 pm 05:07 PM引言nginx做反向代理时,默认的配置后端获取到的Ip地址都来自于nginx,用request.getRemoteAddr();获取到的是nginx的ip地址,而不是用户的真实ip.1.修改Nginx配置:server{listen80;server_namejenkins.local.com;location/{proxy_set_headerHost$host;proxy_set_headerX-Real-IP$remote_addr;proxy_passhttp://192.168.10.
如何安装、卸载、重置Windows服务器备份Mar 06, 2024 am 10:37 AMWindowsServerBackup是WindowsServer操作系统自带的一个功能,旨在帮助用户保护重要数据和系统配置,并为中小型和企业级企业提供完整的备份和恢复解决方案。只有运行Server2022及更高版本的用户才能使用这一功能。在本文中,我们将介绍如何安装、卸载或重置WindowsServerBackup。如何重置Windows服务器备份如果您的服务器备份遇到问题,备份所需时间过长,或无法访问已存储的文件,那么您可以考虑重新设置WindowsServer备份设置。要重置Windows
Nginx对网段内ip的连接数限流如何配置May 12, 2023 am 11:07 AMnginx中的所谓连接数限制,其实是tcp连接,也就是请求方通过三次握手后成功建立的连接状态。nginx一般为我们提供了ngx_http_limit_conn_module模块来提供限制连接功能。该模块可以根据定义的键来限制每个键值的连接数,如同一个ip来源的连接数。ngx_http_limit_conn_module指令解释syntax:limit_connzonenumber;default:—context:http,server,location该指令描述会话状态存储区域。键的状态中保存
ip冲突怎么解决Aug 28, 2023 pm 02:29 PMip冲突可以通过使用IP扫描工具、重新分配IP地址、重启设备、更新网络拓扑和使用子网划分等方法解决。详细介绍:1、 使用IP扫描工具;2、重新分配IP地址;3、重启设备;4、更新网络拓扑;5、使用子网划分。
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
AI Hentai Generator
Generate AI Hentai for free.
Hot Article
Hot Tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
SublimeText3 Linux new version
SublimeText3 Linux latest version
SecLists
SecLists is the ultimate security tester's companion. It is a collection of various types of lists that are frequently used during security assessments, all in one place. SecLists helps make security testing more efficient and productive by conveniently providing all the lists a security tester might need. List types include usernames, passwords, URLs, fuzzing payloads, sensitive data patterns, web shells, and more. The tester can simply pull this repository onto a new test machine and he will have access to every type of list he needs.
WebStorm Mac version
Useful JavaScript development tools
SublimeText3 English version
Recommended: Win version, supports code prompts!
