[nycphp-talk] best practice for detecting ip
larrylud at gmail.com
Thu Mar 27 00:34:56 EDT 2008
Does someone know the best practice for detecting ip addresses with
php/apache for use in reporting/metrics?
I'm re-evaluating our code for detecting ips and I see it's built
towards getting a unique browser ip without regard for how easily it
can be spoofed. For example, we're using X-FORWARDED-FOR which I know
can be very easily spoofed by proxy servers so it should only be done
with trusted proxies like AOL. Does anyone know where to find a good
list of ips of trusted proxies (as well as maybe a list of known
anonymous proxy servers)?
Also, is there any reason to use HTTP_CLIENT_IP? The current code we
have looks to use that first if it's available. But I'm not exactly
sure the difference between that header and REMOTE_ADDR.
Thanks a lot,
Yes I assuming you are partly asking this based upon the amount of form spam
and the amount of people using anonymous proxing.
Some RBLs that might be of help
Some of the public ones out there (not complete)
http://www.stopforumspam.com/ (which we have converted into a local RBL)
As of previous RBLs were designed to be for only SMTP but as the botnets
progress to web based attacks/spam they are being reused for other proposes.
Here is the obligatory PHP code to test RBLs and if a proxy service
There also exists apache plugins to block/redirect to other web pages if on
a specified RBLs
Offline I can discuss other things we are developing to help protect our
network by using RBLs
RBLs aren't just for SMTP anymore.
Managed and Unmanaged Xen VPSes
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the talk