問題描述

我正在嘗試使用 PHP 的 $_SERVER['REMOTE_ADDR'] 來跟蹤和記錄訪問我的網站的用戶/訪問者.PHP中IP地址跟蹤的典型方法.

I'm trying to track and log users/visitors that are accessing my website using PHP's $_SERVER['REMOTE_ADDR'] to do so. A typical method for IP address tracking in PHP.

但是，我使用 CloudFlare 進行緩存等，并以 CloudFlare 的形式接收它們的 IP 地址:

However, I am using CloudFlare for caching and such and receiving their IP addresses as CloudFlare's:

108.162.212.* - 108.162.239.*

108.162.212.* - 108.162.239.*

在仍然使用 CloudFlare 的同時檢索實際用戶/訪問者 IP 地址的正確方法是什么?

What would be a correct method of retrieving the actual users/visitors IP address while still using CloudFlare?

推薦答案

可用于 Cloudflare 的額外服務器變量有:

Extra server variables that are available to cloud flare are:

$_SERVER["HTTP_CF_CONNECTING_IP"] 真實訪問者ip地址，這就是你想要的

$_SERVER["HTTP_CF_CONNECTING_IP"] real visitor ip address, this is what you want

$_SERVER["HTTP_CF_IPCOUNTRY"] 訪問者所在國家

$_SERVER["HTTP_CF_RAY"]

$_SERVER["HTTP_CF_VISITOR"] 這可以幫助你知道它是 http 還是 https

$_SERVER["HTTP_CF_VISITOR"] this can help you know if its http or https

你可以這樣使用它:

if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
  $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}

如果您這樣做，并且訪問 IP 地址的有效性很重要，您可能需要驗證 $_SERVER["REMOTE_ADDR"] 是否包含實際有效的 cloudflare IP 地址，因為任何人如果他能夠直接連接到服務器 IP，則可以偽造標頭.

If you do this, and the validity of the visiting IP address is important, you might need to verify that the $_SERVER["REMOTE_ADDR"] contains an actual valid cloudflare IP address, because anyone can fake the header if he was able to connect directly to the server IP.

這篇關于CloudFlare 并通過 PHP 記錄訪問者 IP 地址的文章就介紹到這了，希望我們推薦的答案對大家有所幫助，也希望大家多多支持html5模板網！