How can I track my website (static) client IP?

Question

1.00/5 (1 vote)

See more:

I need to know what's the IP of whoever signs in to my website, I tried the usual way, it turns different IP addresses for the same cell phone at the same location (so weird), I don't think the cell phone is using more than one IP address, that's why I asked for the static IP address.
Any idea?
I appreciate your help

What I have tried:

I tried this:

<?php

//ip address
  function getUserIpAddr(){
      if(!empty($_SERVER['HTTP_CLIENT_IP'])){
          //ip from share internet
          $ip = $_SERVER['HTTP_CLIENT_IP'];
      }elseif(!empty($_SERVER['HTTP_X_FORWARDED_FOR'])){
          //ip pass from proxy
          $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
      }else{
          $ip = $_SERVER['REMOTE_ADDR'];
      }
      return $ip;
  }

  $ip = getUserIpAddr();
?>

Posted 13-Dec-21 11:10am

Member 14819235

Updated 13-Dec-21 14:06pm

Add a Solution

1 solution

Add a Solution

Add your solution here

Treat my content as plain text, not as HTML

Preview 0

…

Existing Members

Sign in to your account

...or Join us

Download, Vote, Comment, Publish.

Your Email
Password
Forgot your password?

Your Email
This email is in use. Do you need your password?
Optional Password

I have read and agree to the Terms of Service and Privacy Policy
Please subscribe me to the CodeProject newsletters

When answering a question please:

Read the question carefully.
Understand that English isn't everyone's first language so be lenient of bad spelling and grammar.
If a question is poorly phrased then either ask for clarification, ignore it, or edit the question and fix the problem. Insults are not welcome.
Don't tell someone to read the manual. Chances are they have and don't get it. Provide an answer or move on to the next question.

Let's work to help developers, not make them feel stupid.

This content, along with any associated source code and files, is licensed under The Code Project Open License (CPOL)

Dave Kreskowiak · Accepted Answer · 2021-12-13T14:06:00

Solution 1

Why would you want the client IP? It cannot be used to uniquely identify clients. Client IP's are rarely static. They're usually assigned by DHCP and can and do change.

The header variable you're looking for "X-Forwarded-For". This returns a list of IP's in the forwarding chain. It will NOT typically have an actual client IP address in it as clients are usually sitting behind a NAT or VPN.

Posted 13-Dec-21 14:06pm

Dave Kreskowiak

Comments

Member 14819235 14-Dec-21 15:49pm

Thanks for your response, actually, all the $ip return resulted from the 'REMOTE_ADDR' in the above code, so the code skipped the Client and Forward IP addresses!
Here's the reason I need the exact IP address of the user for, because I have a password input form, then it goes to confidential information page, so what I need is to be sure that the same person who entered the password is who is looking at those info, using the same device

Dave Kreskowiak 14-Dec-21 19:39pm

You cannot use the IP Address to determine that. It CAN change while the user is using your site.

You should be using SSL/TLS (HTTPS) for your entire site to secure the communication end-to-end to prevent the kind of attacks you're describing.

Member 14819235 15-Dec-21 17:35pm

Thanks,
Ok, I have HTTPS already, through the SSL, what if a user copied their url, sent it to another person using another device, this url contains the user password!

Dave Kreskowiak 15-Dec-21 17:57pm

If you're putting usernames and password in the URL's, you're doing it very VERY wrong.

That should be submitted to the server in a HTML form, not in a URL.

Member 14819235 16-Nov-22 19:07pm

Got it, thnx