CloudFlare and logging visitor IP addresses via in PHP
Extra server variables that are available to cloud flare are:
$_SERVER["HTTP_CF_CONNECTING_IP"]
real visitor ip address, this is what you want
$_SERVER["HTTP_CF_IPCOUNTRY"]
country of visitor
$_SERVER["HTTP_CF_RAY"]
$_SERVER["HTTP_CF_VISITOR"]
this can help you know if its http or https
you can use it like this:
if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
$_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
If you do this, and the validity of the visiting IP address is important, you might need to verify that the $_SERVER["REMOTE_ADDR"]
contains an actual valid cloudflare IP address, because anyone can fake the header if he was able to connect directly to the server IP.
Get correct visitor IP through CloudFlare
Yes, but without access to the server configuration, you will be unable to utilize $_SERVER['REMOTE_ADDR']
.
However, you can still use X-Forwarded-For
and CF-Connecting-IP
. Both would be available in the $_SERVER
super-global.
How do I detect visitor's real ip from CloudFlare?
<?php
$realip = $_SERVER['HTTP_CF_CONNECTING_IP'];
?>
Restoring Visitor IPs in WHMCS with Cloudflare
WHMCS has settings for such service, called Trusted Proxies, check documentation for Trusted Proxy Settings
Basically, from Setup > General Settings > Security Tab:
Set
Proxy IP Header
to X_FORWARDED_FORAdd IP address to
Trusted Proxies
. This is the tricky part, since you need to add CloudFlare IPs
Cloudflare is giving me the wrong IP when I use getenv(REMOTE_ADDR)
Of course it is, Cloudflare hides your server real address from the user by intermediating the connection (reverse Proxy), and at the same rate you see the proxy's IP accessing the page instead of the user's.
But they report the real IP through the header CF-Connecting-IP
and other useful headers Cloudflare generate to figure out the user's real origin.
Try again with $_SERVER['HTTP_CF_CONNECTING_IP']
instead of getenv(REMOTE_ADDR)
and see what happens.
How to get Real IP from Visitor?
Try this php code.
<?PHP
function getUserIP()
{
// Get real visitor IP behind CloudFlare network
if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
$_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
$_SERVER['HTTP_CLIENT_IP'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
$client = @$_SERVER['HTTP_CLIENT_IP'];
$forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
$remote = $_SERVER['REMOTE_ADDR'];
if(filter_var($client, FILTER_VALIDATE_IP))
{
$ip = $client;
}
elseif(filter_var($forward, FILTER_VALIDATE_IP))
{
$ip = $forward;
}
else
{
$ip = $remote;
}
return $ip;
}
$user_ip = getUserIP();
echo $user_ip; // Output IP address [Ex: 177.87.193.134]
?>
Related Topics
How to Zip Folder Without Full Path
Can't Install PHP Package on Centos
Generating Random Numbers Without Repeats
How to Add Anchor Tag to a Url from Text Input
Get Date Range Between Two Dates Excluding Weekends
How to Render a Datetime Object in a Twig Template
How to Check and Set Max_Allowed_Packet MySQL Variable
Fix Access Denied for User 'Root'@'Localhost' for PHPmyadmin
Laravel 5 Change Public_Path()
Fatal Error: Maximum Execution Time of 300 Seconds Exceeded
Detect Main Colors in an Image with PHP
Using PHP/Apache to Restrict Access to Static Files (Html, CSS, Img, etc)