[nycphp-talk] best practice for detecting ip
rmarscher at beaffinitive.com
Thu Mar 27 18:42:04 EDT 2008
On Mar 27, 2008, at 12:34 AM, Larry Ludwig wrote:
> On Mar 18, 2008, at 4:16 PM, Rob Marscher wrote:
>> Hey everyone,
>> Does someone know the best practice for detecting ip addresses with
>> php/apache for use in reporting/metrics?
>> I'm re-evaluating our code for detecting ips and I see it's built
>> towards getting a unique browser ip without regard for how easily
>> it can be spoofed. For example, we're using X-FORWARDED-FOR which
>> I know can be very easily spoofed by proxy servers so it should
>> only be done with trusted proxies like AOL. Does anyone know where
>> to find a good list of ips of trusted proxies (as well as maybe a
>> list of known anonymous proxy servers)?
> Yes I assuming you are partly asking this based upon the amount of
> form spam and the amount of people using anonymous proxing.
Yeah... that and also things like unique click/impression tracking,
identifying people creating multiple accounts on sites, etc. Those
links were pretty helpful. It would be nice if there was a whitelist
maintained of ips for trusted proxies from major ISPs as well.
More information about the talk