How to Get IP Address?

Question

I want to get the ip address whoever is registering in my site. How to do this in ASPNET. I used the following code, but, it is not getting the proper IP Address

string ipaddress = Request.UserHostAddress;

1. [http://www.w3schools.com/asp/coll_servervariables.asp](http://www.w3schools.com/asp/coll_servervariables.asp) 2. [http://balanagaraj.wordpress.com/2008/01/07/get-users-country-name-using-ip-address/](http://balanagaraj.wordpress.com/2008/01/07/get-users-country-name-using-ip-address/) — solairaja, Dec 15 '09 at 12:50
possible duplicate of [How to get a user's client IP address in ASP.NET?](http://stackoverflow.com/questions/735350/how-to-get-a-users-client-ip-address-in-asp-net) — Jon Schneider, Jun 10 '15 at 17:54

score 76 · Accepted Answer · edited Jan 03 '14 at 20:13

76

You can use this method to get the IP address of the client machine.

public static String GetIP()
{
    String ip = 
        HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];

    if (string.IsNullOrEmpty(ip))
    {
        ip = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
    }

    return ip;
}

edited Jan 03 '14 at 20:13

p.campbell

98,673
67
256
322

answered Dec 15 '09 at 12:46

Muhammad Akhtar

51,913
37
138
191

3

Split HTTP_X_FORWARDED_FOR and selecting last is better- see answer http://stackoverflow.com/a/13249280/52277 – Michael Freidgeim May 01 '14 at 05:08
8

`X-Forwarded-For` can contain multiple IP addresses. – Gabriel Nov 03 '14 at 00:50

Wouter Simons · Answer 2 · 2013-11-29T15:37:02.790

In a situation where you use the IP address for security you should be aware of your infrastructure.

If you are using a proxy between your web server and your clients that sets the header, you should be able to trust the last address. Then you use the code like Muhammed suggested with an update to always get the last IP address from the forward header (See code below)

If you do not use a proxy, beware that the X-Forwarded-For header is very easy to spoof. I suggest you ignore it then unless you have a clear reason why not to.

I updated Muhammed Akhtar's code as follows to allow you to choose:

public string GetIP(bool CheckForward = false)
{
    string ip = null;
    if (CheckForward) {
        ip = HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
    }

    if (string.IsNullOrEmpty(ip)) {
        ip = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
    } else { // Using X-Forwarded-For last address
        ip = ip.Split(',')
               .Last()
               .Trim();
    }

    return ip;
}

This Wikipedia article explains the risks more thoroughly.

array Last() requires System.Linq in case you can't compile that code — sandwood, Mar 20 '18 at 10:30
it should grab the First() value on the array after splitting on the comma. — smurtagh, Aug 02 '22 at 20:34

score 36 · Answer 3 · edited Mar 15 '12 at 16:15

36

HTTP_X_FORWARDED_FOR should be used BUT it can return multiple IP addresses separated by a comma. See this page.

So you should always check it. I personally use the Split function.

public static String GetIPAddress()
{
    String ip = 
        HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];

    if (string.IsNullOrEmpty(ip))
        ip = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
    else
        ip = ip.Split(',')[0];

    return ip;
}

edited Mar 15 '12 at 16:15

Matthew Murdoch

30,874
30
96
127

answered Dec 17 '09 at 18:53

Anthony

7,210
13
60
70

18

I would be careful with that, you're picking the first item which could be 192.168.x.x. You normally want to get the last one because the that is the last proxy or client connecting to your system (and probably the most reliable source). See [wikipedia article](http://en.wikipedia.org/wiki/X-Forwarded-For) Code I use does it like this: `ip = (HttpContext.Request.ServerVariables["HTTP_X_FORWARDED_FOR"] ?? "").Split(',').Last().Trim();` – Wouter Simons Nov 06 '12 at 10:30
4

@WouterSimons , According to the same [Wikipedia article](https://en.wikipedia.org/wiki/X-Forwarded-For) "the left-most being the original client", so First() should be used instead of Last() – Michael Freidgeim Nov 25 '15 at 06:36

score 21 · Answer 4 · answered Jul 03 '17 at 16:06

21

In MVC 6, you retrieve the IP address this way:

HttpContext.Request.HttpContext.Connection.RemoteIpAddress.ToString()

answered Jul 03 '17 at 16:06

Erwin

211
2
2

3

You can skip the first part... Why are you going to `Request` to get the `Context` when you already have the `Context`? This should be just `HttpContext.Connection.RemoteIpAddress.ToString()` – Serj Sagan Jul 08 '21 at 18:25

score 3 · Answer 5 · answered Dec 15 '09 at 13:10

If a client is connecting through a transparent non-anonymous proxy, you can get their address from:

Request.ServerVariables["HTTP_X_FORWARDED_FOR"]

which can return null or "unknown" if the IP can't be obtained that way.

Request.ServerVariables["REMOTE_ADDR"] should be the same as Request.UserHostAddress, either of which can be used if the request is not from a non-anonymous proxy.

However, if the request comes from an anonymous proxy, then it's not possible to directly obtain the IP of the client. That's why they call those proxies anonymous.

score 0 · Answer 6 · answered Dec 02 '16 at 12:07

0

string result = string.Empty;
    string ip = HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
    if (!string.IsNullOrEmpty(ip))
    {
        string[] ipRange = ip.Split(',');
        int le = ipRange.Length - 1;
        result = ipRange[0];
    }
    else
    {
        result = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
    }

answered Dec 02 '16 at 12:07

Krishna Kumar

17
1

Please add an explanation to your code (and improve the indentation). This would improve the quality of your answer! – Nander Speerstra Dec 02 '16 at 12:20
You are never using that `le` variable - I guess you want to use that instead of `0` in the next line – Hans Keﬆing Dec 02 '16 at 12:36

How to Get IP Address?

6 Answers6

Linked

Related