HTTPS and client IP address 1

roycrom · Apr 22, 2004

is there anyway to get the client IP address via https. My proxy forwards the client IP as I can get it with

Code:

$_SERVER['HTTP_X_FORWARDED_FOR']

via http but not https.

Does anyone know a way round this or a different variable?

I need to do this so I can offer a different page depending on client IP. I can do this on normal http.

------------------------------------------
Somethings come from nothing, nothing seems to come from somethings - SFA - Guerilla

roycrom

KarveR · Apr 22, 2004

I think not being able to do this is one of the "security features" of PHP.

______________________________________________________________________
There's no present like the time, they say. - Henry's Cat.

roycrom · Apr 22, 2004

Does that mean that the info is there somewhere but just hidden? Looks like I'm gonna just have to password protect (I would have done this as well any way) the page and show the link to everyone.

The link is to a form to add a new mysql user and db or just db for an existing user and I really only wanted a couple of people to get this option. Thanks for the reply though karveR.

------------------------------------------
Somethings come from nothing, nothing seems to come from somethings - SFA - Guerilla

roycrom

sleipnir214 · Apr 22, 2004

On my LAMP box, I can get the client's IP address through an HTTPS connection:

$_SERVER['REMOTE_ADDR']

Want the best answers? Ask the best questions!

TANSTAAFL!!

roycrom · Apr 22, 2004

If I don't go through the proxy I can get the IP address that way too. However as the clients all come through our proxy then
$_SERVER['REMOTE_ADDR']
gives the proxy address and not the client IP.

As I said
$_SERVER['HTTP_X_FORWARDED_FOR'] should give the client IP address and $_SERVER['REMOTE_ADDR'] the proxy.

And that method works if I use http but not https via squid proxy.

------------------------------------------
Somethings come from nothing, nothing seems to come from somethings - SFA - Guerilla

roycrom

sleipnir214 · Apr 22, 2004

Sorry. I forgot about the proxying problem.

PHP can only provide the information provided to it. Do:

print_r ($_SERVER);

to see what's available. What you see is what you get.

You might take a look at your squid configuration -- maybe there is something you can tweak there to get it to provide the proxying information for HTTPS connections.

Want the best answers? Ask the best questions!

TANSTAAFL!!

sleipnir214 · Apr 22, 2004

According to this page, squid cannot provide the HTTP_X_FORWARDED_FOR header for HTTPS because it tunnels, not proxies, HTTPS requests.

Because of the end-to-end encryption of the connection, squid can't even see the headers, much less modify them.

Want the best answers? Ask the best questions!

TANSTAAFL!!

roycrom · Apr 22, 2004

sleipnir, that was exactly the info I was after. At least it tells me definitively one way or the other so I don't keep looking for a solution. Thanks for that.

------------------------------------------
Somethings come from nothing, nothing seems to come from somethings - SFA - Guerilla

roycrom

Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

HTTPS and client IP address 1

roycrom

Programmer

KarveR

MIS

roycrom

Programmer

sleipnir214

Programmer

roycrom

Programmer

sleipnir214

Programmer

sleipnir214

Programmer

roycrom

Programmer

Similar threads

Part and Inventory Search

Sponsor