Hello and welcome to our community! Is this your first visit?
Register
Enjoy an ad free experience by logging in. Not a member yet? Register.
Results 1 to 4 of 4
  1. #1
    New Coder
    Join Date
    Mar 2008
    Posts
    25
    Thanks
    4
    Thanked 0 Times in 0 Posts

    Recursive function to detect IP address if forwarded by proxy server?

    Question about getting the user's IP address via PHP:

    The code snippet below tests if the the user's IP address has been forwarded by a proxy server. If it has been forwarded, then it tries to find where it was forwarded from. Otherwise the IP address is set to the $ip variable.

    Code:
    $ip = isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
    I have three questions:

    1- Is there a way to turn this into a recursive function in case the user is behind several proxy servers?

    2- How difficult is it for users to mask their IP addresses to subvert functions like the one above?

    3- Is it practical to ban users by IP address? Or are there too many loopholes and/or shared IP addresses.

    Thanks in advance for your thoughts.

    Mike

  • #2
    New Coder
    Join Date
    Mar 2009
    Posts
    52
    Thanks
    4
    Thanked 6 Times in 6 Posts
    I'm not an expert on internet architecture, but I've recently spent a lot of time investigating how to properly use proxies to secure yourself on the web, so I'm pretty sure the answers are:

    1) No. You can't look back any farther than the data you already have, at least not in an automated fashion. Where the proxy got the request from is a piece of data known only to the proxy, and they don't have to tell if they don't want to.

    2) Not very difficult at all. In about 10 minutes you can download a free browser (Tor Browser) that will automatically forward all your internet requests through multiple anonymous proxies, making it literally impossible for anyone to track where the request actually originated from. Even the tor network itself can't even tell you where the original request came from. If you read up on the Tor Browser and how it works, that will give you a good starting point to get more detailed answers to your questions.

    3) It probably is practical to ban users by IP Address. Although there are many ways to get around an IP address ban, the vast majority of users will not know this, and so will be quite stuck when you ban their IP address. So banning an IP won't fix 100% of your problems, but it will fix 99% of them. Usually, that's good enough.

  • Users who have thanked cmancone for this post:

    snapplepitchcoc (03-12-2009)

  • #3
    God Emperor Fou-Lu's Avatar
    Join Date
    Sep 2002
    Location
    Saskatoon, Saskatchewan
    Posts
    16,980
    Thanks
    4
    Thanked 2,659 Times in 2,628 Posts
    1. Not unless you have a lot of power on the previous routers or servers. You can try a tracert but that will only list up to the last router.
    2. Not difficult
    3. No, ip bans are only useful for problematic users that are not computer savvy. Banning entire submasks would work, but that will cut down on a lot of potential visitors.


    As for you're above, I believe REMOTE_ADDR is always available. You're code is backwards, you should test for the existance of the HTTP_X_FORWARDED_FOR value first. X_FROWARDED_FROM also includes any internal networks as well, so you need to determine that. There is also HTTP_FROM and HTTP_VIA, but I've never seen the HTTP_VIA ever set.
    PHP Code:
    header('HTTP/1.1 420 Enhance Your Calm'); 

  • Users who have thanked Fou-Lu for this post:

    snapplepitchcoc (03-12-2009)

  • #4
    New Coder
    Join Date
    Mar 2008
    Posts
    25
    Thanks
    4
    Thanked 0 Times in 0 Posts
    Great info. Many thanks for the replies.

    Much appreciated.


  •  

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •