Journal codefool's Journal: Interesting PHP snippet
few simple lines of PHP (or equiv in any other language) can pull the real IP from a non-anonymising proxy:
<?php
if ($_SERVER['HTTP_X_FORWARDED_FOR'] == NULL) $ip = $_SERVER['REMOTE_ADDR'];
else {
$source = $_SERVER['HTTP_X_FORWARDED_FOR'];
$pattern = "/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/";
preg_match($pattern, $source, $matches);
$ip = $matches[0];
echo "Proxy detected (" . $_SERVER['REMOTE_ADDR'] . ")<br />";
}
echo $ip;
?>
<?php
if ($_SERVER['HTTP_X_FORWARDED_FOR'] == NULL) $ip = $_SERVER['REMOTE_ADDR'];
else {
$source = $_SERVER['HTTP_X_FORWARDED_FOR'];
$pattern = "/\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}/";
preg_match($pattern, $source, $matches);
$ip = $matches[0];
echo "Proxy detected (" . $_SERVER['REMOTE_ADDR'] . ")<br
}
echo $ip;
?>