Search code examples
phpipreal-ip

IP address strange combination

Good day,

I use the following code in PHP to obtain the IP address :

    $IPkey = array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'REMOTE_ADDR');

    foreach($IPkey as $name){
        if(isset($_SERVER[$name])) return $_SERVER[$name];
    }

Now with a client I get very awkward results.

I suddenly get the following results :

  • 2001:1c04:3403:9bf0:a8a6:2d21:8006:159, 172.69.55.30
  • 2001:1c04:3403:9bf0:a8a6:2d21:8006:159, 162.158.111.183
  • 2001:1c04:3403:9bf0:a8a6:2d21:8006:159, 141.101.105.236
  • 2001:1c04:3403:9bf0:a8a6:2d21:8006:159, 172.69.55.208
  • 2001:1c04:3403:9bf0:a8a6:2d21:8006:159, 172.69.55.209

The client claims that he is only using the system from a single PC. Of course I dare to doubt this statement.

But I simply cannot make any understanding out of these IP addresses. It's like an IPv4 addresses appended to an IPv6 address.

I hope anyone could tell me what's their real IP and is this their internal address pasted to their routers address?? And how to avoid this?

EDIT : I will try to explain again. I use the above mentioned code to obtain the IP address.

Now the results I get are like the following as above. It looks like I mean :

2001:1c04:3403:9bf0:a8a6:2d21:8006:159 AND 172.69.55.30

But i get a full string : 2001:1c04:3403:9bf0:a8a6:2d21:8006:159, 172.69.55.30 Like this IS the IP address. Looks pretty unlikely to me. But still that's exactly what's returned to me.

And I am wondering why this is?

Solution

  • The order of your "keys" is important. So even though you really need the remote address, you're often more likely to end up with HTTP_X_FORWARDED_FOR. I think this is the one you're looking at. Its value is that of a HTTP header send along with the HTTP request.

    HTTP_X_FORWARDED_FOR can contain multiple IP addresses. When a request is chained through more than one proxy server, then each proxy should add the IP of the preceding one to the existing X-Forwarded-For header so that the entire chain is preserved. The syntax is:

    X-Forwarded-For: <client>, <proxy1>, <proxy2>

    See: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For

    Since both IPv4 and IPv6 addresses do not contain commas you can look for a comma to see if you have multiple IP addresses. If you do, you can either take the first one, the IP address of the client's computer, or the last one, the last proxy through which the connection went.