Get correct visitor IP through CloudFlare

…衆ロ難τιáo~ 提交于 2019-12-24 03:30:13

问题


I'm using cPanel from someone else who resold it to me. This will probably mean I cannot use mod_cloudflare

I would like to get the visitor's IP and not CloudFlare IP. The part of code I'm using:

$_SERVER['REMOTE_ADDR']

That line will get the IP of cloud flare and not the original user's IP.

Is there any way I can get the original IP address from the visitor?


回答1:


Yes, but without access to the server configuration, you will be unable to utilize $_SERVER['REMOTE_ADDR'].

However, you can still use X-Forwarded-For and CF-Connecting-IP. Both would be available in the $_SERVER super-global.




回答2:


I used following Functions in my application: http://ipaddress.standingtech.com/ to exclude CloudFlare IP address

<?php

/*
 * @param $ips = array of IP address
 */
function clear_flare_ips($ips){
  foreach($ips as $index => $ip){
    if(is_in_flareips($ip)){
      unset($ips[$index]);
    }
  }
  ksort($ips);
  return $ips;
}

function is_in_flareips($ip){
 $flareips = getflareips();
 foreach($flareips as $range){
   if(ip_in_range( $ip, $range )){
    return true;
   }
 }
 return false;
}

function getallips(){
      if (isset($_SERVER['HTTP_CLIENT_IP']))
          $ipaddress[] = $_SERVER['HTTP_CLIENT_IP'];
      if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
          $ipaddress[] = $_SERVER['HTTP_X_FORWARDED_FOR'];
      if(isset($_SERVER['HTTP_X_FORWARDED']))
          $ipaddress[] = $_SERVER['HTTP_X_FORWARDED'];
      if(isset($_SERVER['HTTP_FORWARDED_FOR']))
          $ipaddress[] = $_SERVER['HTTP_FORWARDED_FOR'];
      if(isset($_SERVER['HTTP_FORWARDED']))
          $ipaddress[] = $_SERVER['HTTP_FORWARDED'];
      if(isset($_SERVER['REMOTE_ADDR']))
          $ipaddress[] = $_SERVER['REMOTE_ADDR'];
      if(count($ipaddress) == 0)
          $ipaddress[] = 'UNKNOWN';
      return $ipaddress;
}

function getflareips(){
  /*
  https://www.cloudflare.com/ips-v4
  */
  return array(
  '103.21.244.0/22',
  '103.22.200.0/22',
  '103.31.4.0/22',
  '104.16.0.0/12',
  '108.162.192.0/18',
  '131.0.72.0/22',
  '141.101.64.0/18',
  '162.158.0.0/15',
  '172.64.0.0/13',
  '173.245.48.0/20',
  '188.114.96.0/20',
  '190.93.240.0/20',
  '197.234.240.0/22',
  '198.41.128.0/17',
  '199.27.128.0/21'
  );
}

function ip_in_range( $ip, $range ) {
/**
 * Check if a given ip is in a network
 * @param  string $ip    IP to check in IPV4 format eg. 127.0.0.1
 * @param  string $range IP/CIDR netmask eg. 127.0.0.0/24, also 127.0.0.1 is accepted and /32 assumed
 * @return boolean true if the ip is in this range / false if not.
 */
    if ( strpos( $range, '/' ) == false ) {
        $range .= '/32';
    }
    // $range is in IP/CIDR format eg 127.0.0.1/24
    list( $range, $netmask ) = explode( '/', $range, 2 );
    $range_decimal = ip2long( $range );
    $ip_decimal = ip2long( $ip );
    $wildcard_decimal = pow( 2, ( 32 - $netmask ) ) - 1;
    $netmask_decimal = ~ $wildcard_decimal;
    return ( ( $ip_decimal & $netmask_decimal ) == ( $range_decimal & $netmask_decimal ) );
}



回答3:


Akam's answer is too complicated and does not work. Here's a simpler way:

if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
  $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}


来源:https://stackoverflow.com/questions/30439436/get-correct-visitor-ip-through-cloudflare

标签
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!