Couldn't you just retrieve the visitor's IP address in PHP? It seems like an extra step to figure out their IP via Java and send it to a PHP script when PHP can determine the visitor's IP itself from the server variables.

PHP works on server so it gets proxy IP only.

But JAVA applet can get real fraudster IP even if he is using the best proxy.

But JAVA applet can get real fraudster IP even if he is using the best proxy.

I don't know what gave you that impression - but it is false.

But JAVA applet can get real fraudster IP even if he is using the best proxy

No it can't ... for example, if they're using a Cable/DSL router, which most broadband users are using these days, all you would see for the IP address is 192.168.1.x - that doesn't help you at all.

The best way is still to capture the IP that actually communicates with the server. If there is any fraud committed that requires federal action, it would be up to the owner of the proxy server to check their logs to see who used their server to connect to your site.

4 bcolflesh: add proxy and go 2 stayinvisible.com (sorry for URL again) to test IP. You will see it gets your real IP because java applet connects directly to server; proxy case it goes like: you -> proxy - > server

4 digitalv: so that's idea that we will never do some actions against fraudsters, no time for this.. we just need to collect more indications that order was fraudulent. And JAVA could be fine. We get IP using PHP then get result what JAVA shows and just cancel order if will be difference.

You will see it gets your real IP because java applet connects directly to server

Nope - shows an IP from a DSL connection in Korea, another try and now from a university in Israel, etc ;) - it doesn't work - sorry to burst your bubble.