Finding IP address of client connected through a proxy

Question

Hi guys,

Is there a way to collect the IP address of a client connected to your website through a proxy server?

The entire setup is an internal LAN and through the sysadmin, I have control over the proxy machine as well. I am using PHP5 for the website server side.

I tried $_SERVER['REMOTE_ADDR'] in PHP but this variable just stores the IP address of the proxy.

Any ideas?

Answer 1

It depends on the proxy. Some proxies add a header which gives the original IP address, the X-Forwarded-For header, but given that most companies uses proxies to hide the internal network structure that's rare. If this is the case then you're not going to be able to do it easily.

If you have control over the proxy then it's time to read the proxy documentation to see how to add that header.

Answer 2

X-Forwarded-For is the only way to get client's IP address. Check if there is a way to enable that in your proxy.

On some proxy, it gives you option how to handle existing XFF header (when request passes through multiple proxies). Here is what you need to consider,

1. If the client address is for security/trust purposes (like ACL or rate-limiting), existing XFF header should be dropped by proxy.
2. If the address is for information only (logging, debugging), you should append peer address to existing XFF, separated by comma. The first IP on the list would be the client's IP.

Answer 3

As the article says (quote)

The standard solution (in php) is:

if ($_SERVER['HTTP_X_FORWARD_FOR']){ $ip = $_SERVER['HTTP_X_FORWARD_FOR'];} else{ $ip = $_SERVER['REMOTE_ADDR'];}

but as the first answer says this all depends on the header actually being set.