$_SERVER['REMOTE_ADDR']; in PHP

talk2azs · Dec 29, 2015

When using the PHP built in function:
$ip = $_SERVER['REMOTE_ADDR'];
The X10hosting server is now returning IP address:198.91.81.4
For everyone that connects to various pages.

Some of my php files use the IP address as a way of determining what region of the world a user is connecting from. This is causing a BIG problem with my web pages. What is going on???

The IP address, 198.91.81.4, is registered with x10hosting. Below is what a whois page reported back:
IP: 198.91.81.4
Decimal: 3327873284
Hostname: xo2.x10hosting.com
ASN: 32475
ISP: X10hosting, LLC
Organization: SingleHop
Services: None detected
Type: Corporate
Assignment: Static IP
Blacklist:
Geolocation Information
Continent: North America
Country: United States

State/Region: New Hampshire
City: Tilton
Latitude: 43.4329 (43° 25′ 58.44″ N)
Longitude: -71.5682 (71° 34′ 5.52″ W)
Postal Code: 03276

talk2azs · Dec 29, 2015

OH..I need to add one more thing. While working on another php script earlier today, I did receive a 503 Backend fetch failure when trying to test my script. Shortly after that, the error went away and that is when I noticed the IP address 198.91.81.4 coming up on my test page and for every other page accessed by others that have accessed various web php pages.

caftpx10 · Dec 29, 2015

Mhm. In that case, it sounds like Varnish Cache is passing the server's IP to Apache rather than the IP that it should've captured on request.

talk2azs · Dec 29, 2015

That does make sense. The Varnish cache server has been a real pain in my butt, especially with php and java scripts combined to perform a GPS function. I even added an additional line in my root .htaccess file that includes: "max-age=0, private, no-cache, no-store, must-revalidate" to virtually disable the Varnish cache server. After I added that code, my GPS function started working properly again.

If I remember correctly, I think my site is on the X07 server which has had problems a few weeks ago. Maybe X07 is still having problems. hmmmmmm

AngusThermopyle · Dec 29, 2015

Try

$_SERVER['HTTP_X_FORWARDED_FOR']
or
$_SERVER['HTTP_XV_CONNECTING_IP']

Following should print all the $_SERVER values ...

PHP:

echo "<br />******* \$_SERVER ************     <br />\n" ;

foreach( $_SERVER as $k => $v ){

  echo $k . "  "  .  $_SERVER[ $k ] . "      <br />\n" ;


}

talk2azs · Dec 29, 2015

OK. The function
$_SERVER['HTTP_X_FORWARDED_FOR']
does work. That is a good work around.
But there is one other BIG problem!!!
I have a list of IP addresses I have set to block in my IP Address Deny Manager.
I just added my IP address to that list and my x10host site is not blocking it.
This is not good.

AngusThermopyle · Dec 30, 2015

Google-foo found:

http://frustratedtech.com/post/42641261089/htaccess-file-to-block-ips-coming-from-varnish

Adjust to deny listed IP's rather than allow. Don't know if it works, but it is a start.

caftpx10 · Dec 30, 2015

Unfortunately, using that directive in .htaccess doesn't help.
While it would help stop server-side caching, the Varnish Cache Server is still sitting there as a HTTP reverse proxy. You could call it a "passthru".

The directive you were attempting to use is something for the Varnish Cache Server to pick up and take action on.

So at the moment, it would be like this:
HTTP requests > Varnish Cache Server > Apache Web Server

With that said, what this particular error would be about is having a communication issue with the web server.

------------------------

Now to the IP stuff.

Okay, so you're saying that the workaround works which is great. Unfortunately, the issue is still around. This would have to be fixed or you may have to resort to IP blocking via PHP (which isn't really nice).

talk2azs · Dec 30, 2015

Yes. The manual IP blocking method would have to be used. But like you said, it will not be nice. But the built in IP Deny manager as of the moment serves no purpose, at least on the server that my site is on.

Until the issue is fixed, I will have to add IP address 198.91.81.4 to my IP deny manager. It will unfortunately deny access to my website for everyone until the issue is resolved.

I think I will create another thread to report the problem with the IP deny manager, seeing how a work around for the issue in this thread has technically been resolved using a Jerry-Rig work around.

talk2azs · Dec 30, 2015

AngusThermopyle...
Thanks for your response. But the IP deny manager is already set up to deny IP's and not allow. It also looks like the listed blocked IP addresses are entered into the .htaccess file by the IP Deny manager, which is accessible in the cpanel.

caftpx10 · Dec 30, 2015

As you said, the IP deny manager just adds IP deny entries into a .htaccess.
This does sound like something more than this tool. Supposedly to do with Varnish Cache Server.

A more improved workaround would be something like this:

PHP:

if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
}

caftpx10 · Dec 30, 2015

Little bump for a little good reason. It looks like the issue has been resolved! At least on xo2 anyway.
To test if this has been resolved for you:

PHP:

if($_SERVER['REMOTE_ADDR'] == $_SERVER['HTTP_X_FORWARDED_FOR']) {
echo 'Issue resolved';
}
else {
echo 'Issue present';
}

talk2azs · Dec 30, 2015

Actually the $_SERVER['REMOTE_ADDR'] is working properly again since earlier today. But it looks like the IP addresses listed in the IP Deny Manager are still not being blocked.

This issue actually gave me a reason to finally do things right by adding a getip() function to my functions.php file. I added the following code inside my newly created getip() function:
if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
}

Functions.php is a file that I include in most of my php script files. Now that I have added a function named getip(), I can now get the correct IP address when I call the function within the main script. It was time consuming to go in, edit the code in each of the many php files, and test them individually. But now in the future, if something needs changing again, I just have to edit one file.

I know, I should have done this to begin with, but I did not know my file library was going to grow to as many files as it has to this point.

Thanks for everyone's help and input.

bdistler · Dec 30, 2015

talk2azs said:
But it looks like the IP addresses listed in the IP Deny Manager are still not being blocked.

try to block your current ISP/IP address (which is at [ https://www.whatismyip.com/ ] )
by using cPanel's [ IP Address Deny Manager ]
I assume you can still load your site - after cPanel says "Users with the following IP addresses will not be able to access your site: (your IP address)"

when I used cPanel's [ IP Address Deny Manager ] to do that in my account - cPanel added this code to the bottom (end) on my current [ .htaccess ] file in folder [ public_html ]...

<Files 403.shtml>
order allow,deny
allow from all
</Files>

deny from (my IP address)

and I could still get to my site (no 403 error)
so using cPanel's [ File Manager ] editor - I changed that code to...

<Files 403.shtml>
order allow,deny
allow from all
</Files>

<Files *>
order deny,allow
deny from (my IP address)
</Files>

click on above

that gave me a 403 error
changed that last "deny" to "allow"
no 403 error
changed it back and received the 403 error

cPanel's [ IP Address Deny Manager ] will NOT block IP address IF you have a [ .htaccess ] file with other stuff in it - before you use the manager
the code would work if it was all that was in the [ .htaccess ] file (i.e. was no [ .htaccess ] file before you used the manager)

I do not know what is needed in or not in the [ .htaccess ] file to make the code entered by cPanel's [ IP Address Deny Manager ] to block a IP address
BUT I do know I can not block a IP address with cPanel's [ IP Address Deny Manager ] with my current [ .htaccess ] file

talk2azs · Dec 31, 2015

Sorry. I forgot to post a note on this thread last night at around 8:50pm, about an hour before bdistler's post above.
I posted a note on my other thread: IP's listed in IP Deny Manager not being blocked.
I had mentioned that the IP's listed in the IP Manager are being blocked again.
All is well in x10 hosting land once again.

But as a reply to bdistler, I have always had additional directives in my .htaccess file and have never had an IP block issue until this recent hiccup on X10's servers.

All is good now and I really appreciate everyone's input and suggestions during this issue.

bdistler · Dec 31, 2015

talk2azs said:
All is well in x10 hosting land once again.

not for me...

as of about 15:08 2015-12-31 UTC
cPanel's [ IP Address Deny Manager ] - still will not block a IP address with my current [ .htaccess ] file - as I said above

$_SERVER['REMOTE_ADDR']; in PHP

talk2azs

Member

talk2azs

Member

caftpx10

Well-Known Member

talk2azs

Member

AngusThermopyle

Active Member

talk2azs

Member

AngusThermopyle

Active Member

caftpx10

Well-Known Member

talk2azs

Member

talk2azs

Member

caftpx10

Well-Known Member

caftpx10

Well-Known Member

talk2azs

Member

bdistler

Well-Known Member

talk2azs

Member

bdistler

Well-Known Member

Free Web Hosting

Our Community

Legal