This is what I've got so far and it doesn't work.

<?php
$ip=$REMOTE_ADDR; 
echo $ip;
?>

<?php
$ip=$_SERVER['REMOTE_ADDR'];
echo $ip;
?>

<?php

function getIp() {

 $ip = $_SERVER['REMOTE_ADDR'];

 if (!empty($_SERVER['HTTP_CLIENT_IP'])) {

 $ip = $_SERVER['HTTP_CLIENT_IP'];

 } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {

 $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];

 }
 return $ip;
}
$ip = getIp();

echo $ip;
?>

$_SERVER['REMOTE_ADDR'] is what you're after.

[php.net...]

Does

$_SERVER['REMOTE_ADDR']

return an IP address for you?

I have experienced the situation where

REMOTE_ADDR

was not set (or was empty) - I think this was down to the server configuration and the users accessing it over a closed intranet. In this case I had to fall back to HTTP_X_FORWARDED_FOR (which can contain multiple (comma separated) IP addresses if going through multiple proxies). However, if REMOTE_ADDR is set and is a valid IP address then this should take priority as I believe these other headers could be faked, if you are on the world-wide-web.

The script you have posted above looks as if you are allowing REMOTE_ADDR to be overridden if another header is set - this looks dangerous to me, particularly if you are serving content based on this IP address.

With cloud hosting $_SERVER['REMOTE_ADDR'] may not return the right value. I had to pull it from the $_ENV['REMOTE_ADDR'] in a couple of cases where I had access to that kind of environment, but I don't know how reliable it is.

The HTTP_X_* surely can be faked I wouldn't rely on them.

<?php 
$ip=$REMOTE_ADDR;  
echo $ip; 
?>

Just to add, this should not be used (referencing $REMOTE_ADDR in the global scope) - this is reliant on register_globals being set on the server and it probably isn't - or shouldn't be!

You could examine all the superglobals (or the output from phpinfo() [uk.php.net]) to see if you can see your IP address!

$_SERVER['REMOTE_ADDR'] is what you're after.

That doesn't bypass proxy.

Does $_SERVER['REMOTE_ADDR'] return an IP address for you?

No. it doesn't

this is reliant on register_globals being set on the server

True. That's why I'm not using it.

Still looking for a reliable PHP snippet. I'm sure there's a way because so many sites are able to figure out my own IP, unless they're using Perl or something else.

That doesn't bypass proxy.

You can't reliably detect proxies. The $_SERVER['REMOTE_ADDR'] will return an IP. What it returns? an empty string?

This works for me:
$ip = $HTTP_SERVER_VARS['HTTP_X_CLUSTER_CLIENT_IP'];

I'm sure there's a way because so many sites are able to figure out my own IP, unless they're using Perl or something else.

You are presumably behind a proxy server? I don't think any other scripting language will offer any benefits over PHP in this respect. If it is an anonymous proxy then no server will be able to identify your IP address.

Have you examined the output from phpinfo() as I mentioned above? If your IP address is reachable in any way, then it should be in there? What do the following PHP variables return for you....?

$_SERVER['REMOTE_ADDR'] - wrong IP, empty string or just not set at all?
$_SERVER['HTTP_X_FORWARDED_FOR']
$_SERVER['HTTP_VIA']
$_SERVER['HTTP_CLIENT_IP']

As I understand it, if a user is behind a proxy server then you will probably have to check $_SERVER['HTTP_X_FORWARDED_FOR'] (or possibly $_SERVER['HTTP_CLIENT_IP'] or something else...) to get the users actual IP address, but this is dependent on the proxy server, as the proxy server needs to 'pass on' your IP address (it doesn't have to - an anonymous proxy). So, whilst this might work for you and perhaps others on a known system, this is unreliable (and can be faked) on the www AFAIK, as @enigma1 states.

So, IMO, if you are on the www then you should not authenticate a user (ie. serve content based on their IP) if you have determined their IP address by one of these other methods and not by REMOTE_ADDR? Which address does the server send back the response to?

This is the code I'm using to test all these possibilities:

<?php

function getIp() {



 $ip = $_SERVER['REMOTE_ADDR'];

 if (!empty($_SERVER['HTTP_CLIENT_IP'])) {

 $ip = $_SERVER['HTTP_CLIENT_IP'];

 } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {

 $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];

 }

 return $ip;
}
$ip = getIp();

$ip2 = $HTTP_SERVER_VARS['HTTP_X_CLUSTER_CLIENT_IP']; 

echo $ip;
print "</br>";
echo $ip2;
$ip3 = $_SERVER['REMOTE_ADDR'];
$ip4 = $_SERVER['HTTP_X_FORWARDED_FOR'];
$ip5 = $_SERVER['HTTP_VIA'];
$ip6 = $_SERVER['HTTP_CLIENT_IP'];
echo $ip3;
print "</br>";
print "IP4 is $ip4";
print "</br>";
print "IP5 is $ip5";
print "</br>";
print "IP6 is $ip6";
print "</br>";

?>

Here's the output I get:

10.255.255.4
10.255.255.4
IP4 is
IP5 is
IP6 is

I'm no expert on this but I believe I'm being assigned a dynamic IP when I log on using my connection which is a broadband line from a prominent ISP in these parts. Other websites are able to determine my IP which means it should be possible to do so but I just can't figure out how. None of these snippets work. Thanks for all the help so far.

You could examine all the superglobals (or the output from phpinfo() [uk.php.net]) to see if you can see your IP address!

I couldn't locate my IP anywhere within the output of the php info file that I placed on the server.

10.255.255.4

This is a private IP address! From the results you have posted it looks like you are running this on a local test server within your own network - not behind a proxy server?! If this is the case then "10.255.255.4" is your local IP address on your LAN.

If this is the case then "10.255.255.4" is your local IP address on your LAN.

My IP address according to Google and some other websites is 115.246.ZZZ.ZZZ (THE 'Z's are numbers). I'm trying to create a script which can determine this successfully.

But where are you currently running your test script? On an external webserver, or locally on your LAN? Your results look as if you are running it locally on your LAN. Only if you run your script on an external webserver will it return your external IP address. Google and all the other sites that show you your IP address are external and therefore show you your external IP address.

Not quite sure what happened but it seems to work now. Thanks!