3

I'm using cPanel from someone else who resold it to me. This will probably mean I cannot use mod_cloudflare

I would like to get the visitor's IP and not CloudFlare IP. The part of code I'm using:

$_SERVER['REMOTE_ADDR']

That line will get the IP of cloud flare and not the original user's IP.

Is there any way I can get the original IP address from the visitor?

Jeroen
  • 55
  • 1
  • 8

3 Answers3

3

Akam's answer is too complicated and does not work. Here's a simpler way:

if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
  $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
Hudson Taylor
  • 1,040
  • 2
  • 10
  • 28
Denis Raguzov
  • 46
  • 3
  • @hudson-taylor Can you elaborate on this answer more? Unsure how/where to implement this. – Jay Jun 07 '17 at 19:35
  • @Jay Unfortunately, not. I just helped fix some grammar and/or formatting on this answer; I didn't actually help write the code :( Denis Ragusoz would probably be a better person to ask. – Hudson Taylor Jun 09 '17 at 03:46
  • @denis-raguzov ? – Jay Jul 18 '17 at 18:11
1

I used following Functions in my application: http://ipaddress.standingtech.com/ to exclude CloudFlare IP address

<?php

/*
 * @param $ips = array of IP address
 */
function clear_flare_ips($ips){
  foreach($ips as $index => $ip){
    if(is_in_flareips($ip)){
      unset($ips[$index]);
    }
  }
  ksort($ips);
  return $ips;
}

function is_in_flareips($ip){
 $flareips = getflareips();
 foreach($flareips as $range){
   if(ip_in_range( $ip, $range )){
    return true;
   }
 }
 return false;
}

function getallips(){
      if (isset($_SERVER['HTTP_CLIENT_IP']))
          $ipaddress[] = $_SERVER['HTTP_CLIENT_IP'];
      if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
          $ipaddress[] = $_SERVER['HTTP_X_FORWARDED_FOR'];
      if(isset($_SERVER['HTTP_X_FORWARDED']))
          $ipaddress[] = $_SERVER['HTTP_X_FORWARDED'];
      if(isset($_SERVER['HTTP_FORWARDED_FOR']))
          $ipaddress[] = $_SERVER['HTTP_FORWARDED_FOR'];
      if(isset($_SERVER['HTTP_FORWARDED']))
          $ipaddress[] = $_SERVER['HTTP_FORWARDED'];
      if(isset($_SERVER['REMOTE_ADDR']))
          $ipaddress[] = $_SERVER['REMOTE_ADDR'];
      if(count($ipaddress) == 0)
          $ipaddress[] = 'UNKNOWN';
      return $ipaddress;
}

function getflareips(){
  /*
  https://www.cloudflare.com/ips-v4
  */
  return array(
  '103.21.244.0/22',
  '103.22.200.0/22',
  '103.31.4.0/22',
  '104.16.0.0/12',
  '108.162.192.0/18',
  '131.0.72.0/22',
  '141.101.64.0/18',
  '162.158.0.0/15',
  '172.64.0.0/13',
  '173.245.48.0/20',
  '188.114.96.0/20',
  '190.93.240.0/20',
  '197.234.240.0/22',
  '198.41.128.0/17',
  '199.27.128.0/21'
  );
}

function ip_in_range( $ip, $range ) {
/**
 * Check if a given ip is in a network
 * @param  string $ip    IP to check in IPV4 format eg. 127.0.0.1
 * @param  string $range IP/CIDR netmask eg. 127.0.0.0/24, also 127.0.0.1 is accepted and /32 assumed
 * @return boolean true if the ip is in this range / false if not.
 */
    if ( strpos( $range, '/' ) == false ) {
        $range .= '/32';
    }
    // $range is in IP/CIDR format eg 127.0.0.1/24
    list( $range, $netmask ) = explode( '/', $range, 2 );
    $range_decimal = ip2long( $range );
    $ip_decimal = ip2long( $ip );
    $wildcard_decimal = pow( 2, ( 32 - $netmask ) ) - 1;
    $netmask_decimal = ~ $wildcard_decimal;
    return ( ( $ip_decimal & $netmask_decimal ) == ( $range_decimal & $netmask_decimal ) );
}
Akam
  • 953
  • 14
  • 22
0

Yes, but without access to the server configuration, you will be unable to utilize $_SERVER['REMOTE_ADDR'].

However, you can still use X-Forwarded-For and CF-Connecting-IP. Both would be available in the $_SERVER super-global.

sjagr
  • 15,254
  • 4
  • 38
  • 65
  • $_SERVER['HTTP_X_FORWARDED_FOR'] This will give me Parse error: syntax error, unexpected – Jeroen May 25 '15 at 13:58
  • @Jeroen That's not a problem with `$_SERVER[..]`, you have a *syntax error* in the code you wrote. – deceze May 25 '15 at 14:01
  • http://pastebin.com/LtFKChxD Thats the part of the code, if i change the third line to: $fname2 = $_SERVER['HTTP_X_FORWARDED_FOR'] // or: $fname2 = $ip=$_SERVER['HTTP_X_FORWARDED_FOR']; // It will both give error – Jeroen May 25 '15 at 14:05
  • That goes way above my knowledge haha, the thing is that it works with $_SERVER['REMOTE_ADDR'] but if i just replace that part it will give the error. – Jeroen May 25 '15 at 14:16
  • I am not able to fix it, im using $_SERVER['REMOTE_ADDR'] without a problem but when using $_SERVER['HTTP_X_FORWARDED_FOR'] its giving the syntax error which cannot be explained – Jeroen Jun 14 '15 at 09:51
  • @Jeroen I can't reproduce your problem, so you're going to have to show complete code that causes the same issue you're describing. – sjagr Jun 21 '15 at 15:36
  • @Jeroen [See this sandbox](http://sandbox.onlinephpfunctions.com/code/556b92636f27495ac90b95bc14848fe19e21c5e2). Notice how the error message (for the `HTTP_X_FORWARDED_FOR`) is not the same as your syntax error message (it complains about an undefined index - which makes sense since that environment isn't running behind CloudFlare). Please show your code with the usage of `HTTP_X_FORWARDED_FOR` instead of `REMOTE_ADDR` and double-check the error message you're getting for it. – sjagr Jun 22 '15 at 14:17