How to get a user's client IP address in ASP.NET?

前端 未结 19 2547
时光取名叫无心
时光取名叫无心 2020-11-22 00:26

We have Request.UserHostAddress to get the IP address in ASP.NET, but this is usually the user\'s ISP\'s IP address, not exactly the user\'s machine IP address

相关标签:
19条回答
  • 2020-11-22 00:48

    If is c# see this way, is very simple

    string clientIp = (Request.ServerVariables["HTTP_X_FORWARDED_FOR"] ?? 
                       Request.ServerVariables["REMOTE_ADDR"]).Split(',')[0].Trim();
    
    0 讨论(0)
  • 2020-11-22 00:49

    Often you will want to know the IP address of someone visiting your website. While ASP.NET has several ways to do this one of the best ways we've seen is by using the "HTTP_X_FORWARDED_FOR" of the ServerVariables collection.

    Here's why...

    Sometimes your visitors are behind either a proxy server or a router and the standard Request.UserHostAddress only captures the IP address of the proxy server or router. When this is the case the user's IP address is then stored in the server variable ("HTTP_X_FORWARDED_FOR").

    So what we want to do is first check "HTTP_X_FORWARDED_FOR" and if that is empty we then simply return ServerVariables("REMOTE_ADDR").

    While this method is not foolproof, it can lead to better results. Below is the ASP.NET code in VB.NET, taken from James Crowley's blog post "Gotcha: HTTP_X_FORWARDED_FOR returns multiple IP addresses"

    C#

    protected string GetIPAddress()
    {
        System.Web.HttpContext context = System.Web.HttpContext.Current; 
        string ipAddress = context.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
    
        if (!string.IsNullOrEmpty(ipAddress))
        {
            string[] addresses = ipAddress.Split(',');
            if (addresses.Length != 0)
            {
                return addresses[0];
            }
        }
    
        return context.Request.ServerVariables["REMOTE_ADDR"];
    }
    

    VB.NET

    Public Shared Function GetIPAddress() As String
        Dim context As System.Web.HttpContext = System.Web.HttpContext.Current
        Dim sIPAddress As String = context.Request.ServerVariables("HTTP_X_FORWARDED_FOR")
        If String.IsNullOrEmpty(sIPAddress) Then
            Return context.Request.ServerVariables("REMOTE_ADDR")
        Else
            Dim ipArray As String() = sIPAddress.Split(New [Char]() {","c})
            Return ipArray(0)
        End If
    End Function
    
    0 讨论(0)
  • 2020-11-22 00:51

    What you can do is store the router IP of your user and also the forwarded IP and try to make it reliable using both the IPs [External Public and Internal Private]. But again after some days client may be assigned new internal IP from router but it will be more reliable.

    0 讨论(0)
  • 2020-11-22 00:52

    UPDATE: Thanks to Bruno Lopes. If several ip addresses could come then need to use this method:

        private string GetUserIP()
        {
            string ipList = Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
    
            if (!string.IsNullOrEmpty(ipList))
            {
                return ipList.Split(',')[0];
            }
    
            return Request.ServerVariables["REMOTE_ADDR"];
        }
    
    0 讨论(0)
  • 2020-11-22 00:53

    If you are using CloudFlare, you can try this Extension Method:

    public static class IPhelper
    {
        public static string GetIPAddress(this HttpRequest Request)
        {
            if (Request.Headers["CF-CONNECTING-IP"] != null) return Request.Headers["CF-CONNECTING-IP"].ToString();
    
            if (Request.ServerVariables["HTTP_X_FORWARDED_FOR"] != null) return Request.ServerVariables["HTTP_X_FORWARDED_FOR"].ToString();
    
            return Request.UserHostAddress;
        }
    }
    

    then

    string IPAddress = Request.GetIPAddress();
    
    0 讨论(0)
  • 2020-11-22 00:54

    As others have said you can't do what you are asking. If you describe the problem you are trying to solve maybe someone can help?

    E.g.

    • are you trying to uniquely identify your users?
    • Could you use a cookie, or the session ID perhaps instead of the IP address?

    Edit The address you see on the server shouldn't be the ISP's address, as you say that would be a huge range. The address for a home user on broadband will be the address at their router, so every device inside the house will appear on the outside to be the same, but the router uses NAT to ensure that traffic is routed to each device correctly. For users accessing from an office environment the address may well be the same for all users. Sites that use IP address for ID run the risk of getting it very wrong - the examples you give are good ones and they often fail. For example my office is in the UK, the breakout point (where I "appear" to be on the internet) is in another country where our main IT facility is, so from my office my IP address appears to be not in the UK. For this reason I can't access UK only web content, such as the BBC iPlayer). At any given time there would be hundreds, or even thousands, of people at my company who appear to be accessing the web from the same IP address.

    When you are writing server code you can never be sure what the IP address you see is referring to. Some users like it this way. Some people deliberately use a proxy or VPN to further confound you.

    When you say your machine address is different to the IP address shown on StackOverflow, how are you finding out your machine address? If you are just looking locally using ipconfig or something like that I would expect it to be different for the reasons I outlined above. If you want to double check what the outside world thinks have a look at whatismyipaddress.com/.

    This Wikipedia link on NAT will provide you some background on this.

    0 讨论(0)
提交回复
热议问题