2

I just have the problem that I want to get the visitors IP Address. Everythings fine but one user just give me the IPv6. This is the code I can give you, moreover I just had installed the cloudflare apache2 Mod.

 $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"] ? $_SERVER["HTTP_CF_CONNECTING_IP"] : $_SERVER["REMOTE_ADDR"];
 $ip = $_SERVER['REMOTE_ADDR'];

 if(isset($_SERVER['HTTP_CF_CONNECTING_IP'])){
     $ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
 }
WLFCRK
  • 59
  • 1
  • 10
  • 1
    The IPv6 address *is* the user's address. Why do you assume they have an IPv4 address? – Sander Steffann Mar 30 '16 at 05:18
  • I know that this is the users address. Okay, I've got a websocket connection where I got a IPv4 from the same User, so I need to compare these two values. – WLFCRK Apr 03 '16 at 20:14

2 Answers2

5

The only way to do this would be to disable IPv6 support in CloudFlare by:

1) In DNS removing all AAAA records (leaving only A records). 2) Going into the Network on the CloudFlare dashboard and turning off "IPv6 Compatibility".

I would not recommend this though; you might soon find yourself with people unable to connect to your site. Instead it is a better idea to make sure your platform fully supports IPv6.

mjsa
  • 4,221
  • 1
  • 25
  • 35
  • CF now forces users to enable IPV6 compatibility, and only using API can turn off this setting. – Neveroldmilk Oct 27 '22 at 03:09
  • This is a huge defect in cloudflare, still there as of 2023. If you define only A records, but the user has both ipv4 and ipv6, then cloudflare records seem to prefer the ipv6, even though the destination to your origin server is ipv4. They seem pretty unwilling to budge or fix this, so the only way to work around is disable the orange cloud and proxy directly to your origin server. – jjxtra May 15 '23 at 16:34
1

Note that CF makes it's slightly more difficult to disable ipv6 (it's not possible from the gui, must be done by api) BUT they now include an option for to add a 'Pseudo IPv4' address to the headers - either by overwritting Cf-Connecting-IP and X-Forwarded-For or by adding a Cf-Pseudo-IPv4 header.

This can be quite handy as a stop-gap for legacy applications that don't (yet) support ipv6 - https://support.cloudflare.com/hc/en-us/articles/202494830-Pseudo-IPv4-Supporting-IPv6-addresses-in-legacy-IPv4-applications

aland
  • 1,824
  • 2
  • 26
  • 43
  • Sidenote: location base on these pseudo IPv4 values usually returns empty results. As Cloudflare says: "Class E IPv4 addresses are designated as experimental and are not used for production Internet traffic." – Flame Dec 16 '19 at 14:59