I have seen some websites just detect my proxy address but some scripts are really wise and they can detect my real ip address.
I just want to know what are their differences and how can i build for detecting real ip address.

A PHP script would have knowledge of only the computer which made the request and its IP address. To obtain an IP address of the original host, you would need to run some kind of script or executable on that machine.

A PHP script would have knowledge of only the computer which made the request and its IP address. To obtain an IP address of the original host, you would need to run some kind of script or executable on that machine.

No, I have seen websites before (with firefox) where they can see past a proxy server (without having to run a executable on that computer). How they do this, I don't know. But I have only seen like 2 sites in my whole life that have that.

Can you detect IP address with javascript?

Yeah I've seen it done as well with PHP scripts, but I don't believe it can be done from inside a single php function or whatever. :\

Interesting - I'll see what I can dig up. Maybe the proxy server sends some kind of header with it in. Anyone got a linkto one of these sites?

From PHP.com/getenv

I am about to try and nut this out but from the data I see so far the true ip address (live ip of the nat router) is included in $_SERVER['HTTP_CACHE_CONTROL'] as bypass-client=xx.xx.xx.xx

$_SERVER['HTTP_X_FORWARDED_FOR'] contains the proxy behind the nat router.

$_SERVER['REMOTE_ADDR'] is the isp proxy (from what I read this can be a list of proxies if you go through more than one)


Any truth to that do you think? Can't be bothered to setup a test myself. :p

This is the test my brother came up with (or read somewhere) ages ago, and it's always worked correctly, assuming a proper proxy:
return isset($_SERVER['HTTP_X_FORWARDED_FOR']) ?
$_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];

These scripts could be using the X-HTTP-FORWARDED-FOR header sent by the proxy server. They may also be using Java (http://www.rgagnon.com/jsdetails/js-0019.html), again , this seems to rely on the proxy telling you that the IP address and in my case only ever return 127.0.0.1 as my proxy server is set not to expose the clients IP.

I posted a script on PHP Builder (http://phpbuilder.com/board/showthread.php?t=10313544), they know way more about PHP than I do so if indeed there is a way using PHP they'll know.

If the proxy decides not to forward the client's IP, there nothing you can do save locking the user out.