How to get real IP of user using PHP?

Question

I've been trying to get real IP address of the user, and not a proxy address. For that I've done this:

$ip1 = $_SERVER['REMOTE_ADDR'];
$ip2 = $_SERVER['HTTP_X_FORWARDED_FOR'];
$ip3 = $_SERVER['HTTP_FORWARDED'];
mail("me@domain.com", "Report", "IP1 is $ip1, IP2 is $ip2, IP3 is $ip3 .");

But when a user is using proxy, the above script gets the proxy address and not the real IP address:

IP is [proxy_addr_here], IP2 is  , IP3 is    .

Is there any way to get real IP just like whatismyip.com tells (it tells real IP address, proxy address and useragent)?

Update : Whatismyip tells me this "Your IP Address Is: [my real IP] Proxy: [my proxy address] City: Alipur State/Region: Delhi Country: IN - ISP: Bharti Airtel Ltd."

How come it gathers all the details so accurately but not my PHP script?

That's because this isn't really possible in the general sense. Many proxies do not include the headers reporting who they are proxying for. On purpose. — Andrew Barber, Aug 11 '14 at 06:46

Hanky Panky · Accepted Answer · 2014-08-11T07:01:18.920

4

You could do

$ip= isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? 
     $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];

But even that is not 100%. Getting IP of the real user now a days is not a guarantee with so many NAT firewalls in between, let alone proxies.

Edit

To answer your edit as to how they show you more information, you could use many features of the language to get more request details. For example try

print_r(getallheaders());

Then you can also use

 print_r($_SERVER);

And extract the required information from there.

Edit 2

Even your favorite whatismyip.com reports

Your IP Location can be found using our IP Lookup tool. No IP Lookup tool is 100% accurate due to many different factors. Some of those factors include where the owner of the IP has it registered, where the agency that controls the IP is located, proxies, cellular IPs, etc. If you are in the US and the controlling agency of the IP is located in Canada, chances are the IP address lookup results will show as Canada. Showing a Canadian IP while in the US is very common among Blackberry users on the Verizon network.

Reference

You might still ask ok then why cant I get at least what they show? Im sure they have put up a lot of research and resources in setting up that tool, its not a one line PHP code, in fact there is no telling whether that site is written in PHP at all. Some more research and you will be on your way to try to match their lookup.

edited Aug 11 '14 at 07:01

answered Aug 11 '14 at 06:42

Hanky Panky

46,730
8
72
95

But how does whatismyip.com tells both realIP and proxy ? – user3696690 Aug 11 '14 at 06:44
@user3696690 they do it like that. Just, many proxy servers don't include that information. – Andrew Barber Aug 11 '14 at 06:47
And they also discuss their methods here, http://forum.whatismyip.com/f49/?iref=ial=c . Once you get into it there are a lot of improvements that can be made with more data and code but again even that is not 100%. For example it shows me the NAT ip that my ISP has put me on, and that IP is shared by so many other people as well. – Hanky Panky Aug 11 '14 at 06:48
Pls see my question edition. – user3696690 Aug 11 '14 at 06:50
And the Locality information? you can Google *IP to Location* – Hanky Panky Aug 11 '14 at 06:57
Thanks for that great explanation, so the problem is HTTP_X_FORWARDED_FOR gets the real IP when I use it on my VPS, but when I echo HTTP_X_FORWARDED_FOR on my shared server it gives a blank page. Is there any PHP variable that needs to be enabled? – user3696690 Aug 11 '14 at 07:14
Because `X_FORWARDED_FOR` is not always set. Even if there is a proxy being used they can decide not to populate this variable. That's exactly one of the things that anonymous proxies do – Hanky Panky Aug 11 '14 at 07:17
See this, http://198.154.60.194/x.php and http://appfestive.com/ss.php. The first url is hosted on vps and 2nd on shared. The first one always echoes desired result for HTTP_X_FORWARDED_FOR but second one always echoes blank page. why is HTTP_X_FORWARDED_FOR not being set on my shared server? – user3696690 Aug 11 '14 at 07:25

Dipak G. · Answer 2 · 2014-08-11T07:06:41.447

0

You can try this...

<?PHP

function getUserIP()
{
    $ipaddress = '';
    if (getenv('HTTP_CLIENT_IP'))
        $ipaddress = getenv('HTTP_CLIENT_IP');
    else if(getenv('HTTP_X_FORWARDED_FOR'))
        $ipaddress = getenv('HTTP_X_FORWARDED_FOR');
    else if(getenv('HTTP_X_FORWARDED'))
        $ipaddress = getenv('HTTP_X_FORWARDED');
    else if(getenv('HTTP_FORWARDED_FOR'))
        $ipaddress = getenv('HTTP_FORWARDED_FOR');
    else if(getenv('HTTP_FORWARDED'))
       $ipaddress = getenv('HTTP_FORWARDED');
    else if(getenv('REMOTE_ADDR'))
        $ipaddress = getenv('REMOTE_ADDR');
    else
        $ipaddress = 'Unknown IP Address';

    return $ipaddress;
}

$user_ip = getUserIP();

echo $user_ip; // Output IP address (Ex: 123.345.456.678)

?>

edited Aug 11 '14 at 07:06

answered Aug 11 '14 at 06:48

Dipak G.

715
1
4
18

It gave me the proxy address instead, and not what whatismyip gives – user3696690 Aug 11 '14 at 06:56
@user3696690 I have updated the function (above code). Can you retry now? – Dipak G. Aug 11 '14 at 07:07
I checked it's returning ipV6 address not ipv4 – Vipertecpro Nov 19 '19 at 19:30

How to get real IP of user using PHP?

2 Answers2