Home >Backend Development >PHP Tutorial >Use PHP to get client and server IP

Use PHP to get client and server IP

王林
王林forward
2019-08-19 16:01:145733browse

1. PHP gets the client IP

When PHP gets the client IP, $_SERVER["REMOTE_ADDR"] is often used. But if the client uses a proxy server to access, what is obtained is the IP address of the proxy server, not the real client IP address. To obtain the client's real IP address through the proxy server, use $_SERVER["HTTP_X_FORWARDED_FOR"] to read it.

But only when the client uses a "transparent proxy", the value of $_SERVER["HTTP_X_FORWARDED_FOR"] is the real IP of the client (if it is a multi-layer proxy, this value may be the real IP of the client) IP and the IP of multiple proxy servers, separated by commas ","); in the case of "anonymous proxy" and "deceptive proxy", it is the IP value of the proxy server (if it is a multi-layer proxy, this value may be Composed of multiple proxy server IPs, separated by commas ","); in the case of "high anonymity proxy" it is an empty value.

REMOTE_ADDR is the IP when your client "handshakes" with your server. If an "anonymous proxy" is used, REMOTE_ADDR will display the IP of the proxy server.
HTTP_CLIENT_IP is the HTTP header sent by the proxy server. If it is a "super anonymous proxy", a value of none is returned. Likewise, REMOTE_ADDR will be replaced with the IP of this proxy server.

$_SERVER['REMOTE_ADDR']; //Accessor IP (may be a user, a proxy server, or a reverse proxy server)
$_SERVER['HTTP_CLIENT_IP' ]; //Agent-side (may exist, can be forged), not yet a standard, not necessarily implemented by all servers.
$_SERVER['HTTP_X_FORWARDED_FOR']; //Which IP is the proxy for the user to use (it may exist or can be forged). There is a standard definition used to identify the client IP address after HTTP proxy. The format is: clientip,proxy1,proxy2. For a detailed explanation, see http://zh.wikipedia.org/wiki/X-Forwarded-For.

The difference between the three values ​​is as follows:

1. When no proxy server is used:

REMOTE_ADDR = Your IP
HTTP_VIA = None Value or no display
HTTP_X_FORWARDED_FOR = No value or no display

2. When using a transparent proxy server: Transparent Proxies

REMOTE_ADDR = Last proxy server IP
HTTP_VIA = Proxy server IP
HTTP_X_FORWARDED_FOR = Your real IP. When passing through multiple proxy servers, this value is similar to the following: 203.98.182.163, 203.98.182.163, 203.129.72.215.

This type of proxy server still forwards your information to your visitor, which cannot achieve the purpose of hiding your true identity.

3. When using ordinary anonymous proxy servers: Anonymous Proxies

REMOTE_ADDR = Last proxy server IP
HTTP_VIA = Proxy server IP
HTTP_X_FORWARDED_FOR = Proxy server IP, when passing through multiple proxy servers, this value is similar to the following: 203.98.182.163, 203.98.182.163, 203.129.72.215.

Hides your real IP, but reveals to the target audience that you are using a proxy server to access them.

4. The use of deceptive proxy servers: Distorting Proxies

REMOTE_ADDR = Proxy server IP
HTTP_VIA = Proxy server IP
HTTP_X_FORWARDED_FOR = Random IP, when passing through multiple proxy servers, this value is similar to the following: 203.98.182.163, 203.98.182.163, 203.129.72.215.

Tell the visitor that you are using a proxy server, but make up a fake random IP instead of your real IP to trick it.

5. When using a high-anonymity proxy server: High Anonymity Proxies (Elite proxies)

REMOTE_ADDR = Proxy server IP
HTTP_VIA = No value or not displayed
HTTP_X_FORWARDED_FOR = No value or not displayed. When passing through multiple proxy servers, this value is similar to the following: 203.98.182.163, 203.98.182.163, 203.129.72.215.

Completely replaces all your information with the proxy server's information, just like you are using that proxy server to directly access the object.

Sample code:

//获取用户IP, 定义一个函数getIP()
function getClientIP(){
if (getenv("HTTP_CLIENT_IP")) {
	$ip = getenv("HTTP_CLIENT_IP");
}elseif(getenv("HTTP_X_FORWARDED_FOR")) {
	$ip = getenv("HTTP_X_FORWARDED_FOR");
}elseif(getenv("REMOTE_ADDR")) {
$ip = getenv("REMOTE_ADDR");
	else $ip = "Unknow";
}
return $ip;
}
或者
function getClientIp() {
	$ip = 'unknow';
    foreach (array(
                'HTTP_CLIENT_IP',
                'HTTP_X_FORWARDED_FOR',
                'HTTP_X_FORWARDED',
                'HTTP_X_CLUSTER_CLIENT_IP',
                'HTTP_FORWARDED_FOR',
                'HTTP_FORWARDED',
                'REMOTE_ADDR') as $key) {
        if (array_key_exists($key, $_SERVER)) {
            foreach (explode(',', $_SERVER[$key]) as $ip) {
                $ip = trim($ip);
                //会过滤掉保留地址和私有地址段的IP,例如 127.0.0.1会被过滤
                //也可以修改成正则验证IP
                if ((bool) filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE)) {
                    return $ip;
                }
            }
        }
    }
    return $ip;
}

2.php Get server-side IP

Server-side IP related variables
a. $_SERVER[" SERVER_NAME"], you need to use the function gethostbyname() to obtain it. This variable displays correctly on both the server and client sides.

b. $_SERVER["SERVER_ADDR"], tested on the server side: 127.0.0.1 (this is related to the setting value of BindAddress in httpd.conf). The test results on the client are correct.

/**
* 获取服务器端IP地址
 * @return string
 */
function getServerIp() { 
    if (isset($_SERVER)) { 
        if($_SERVER['SERVER_ADDR']) {
            $server_ip = $_SERVER['SERVER_ADDR']; 
        } else { 
            $server_ip = $_SERVER['LOCAL_ADDR']; 
        } 
    } else { 
        $server_ip = getenv('SERVER_ADDR');
    } 
    return $server_ip; 
}
或者
function getServerIP(){    
    return gethostbyname($_SERVER["SERVER_NAME"]);    
}

For more related questions, please visit the PHP Chinese website related question tutorials: https://www.php.cn/

The above is the detailed content of Use PHP to get client and server IP. For more information, please follow other related articles on the PHP Chinese website!

Statement:
This article is reproduced at:csdn.net. If there is any infringement, please contact admin@php.cn delete