使用codeigniter检索用户的真实IP [英] Retrieve real IP of user using codeigniter
问题描述
我的应用程式会追踪登入网站的使用者的IP位址。跟踪在正常的网络服务器(我们在hostgator)工作正常,但似乎开始跟踪奇数IP地址,当我们切换到PaaS平台(pagodabox)在谈到pagodabox支持后,他们告诉我,IP代码指示器正在拾起pagodabox的负载均衡器/路由器的IP,并获得用户的实际IP地址,我将不得不使用 HTTP_X_FORWARDED_FOR
My app tracks the IP address of users logging into the site. The tracking was working fine on a regular web server (we were on hostgator) but seemed to start tracking odd IP addresses when we switch to a PaaS platform (pagodabox) After speaking to pagodabox support they informed me that the IPs codeigniter was picking up was the IPs of the load balancers/routers of pagodabox and to get a user's actual IP address I would have to utilize HTTP_X_FORWARDED_FOR
我使用codeigniter的输入类函数 $ this-> input-> ip_address()来检索用户的IP。我看了一下这个函数,发现他们有一些功能来检索 HTTP_X_FORWARDED_FOR IP值,但我不知道如何使用它。我必须在配置中更改/添加一些东西吗?
I was using codeigniter's input class function $this->input->ip_address() to retreive the user's IP. I looked at the function and noticed they had some sort of features to retreive the HTTP_X_FORWARDED_FOR IP value but I am not sure how to use it. Do i have to change/add something in the config?
编辑:在几个用户指出我应该在负载平衡器的IP地址列表中添加一个新问题出现了:如果IP的变化频繁,我该怎么办? (即没有静态IP,所有动态)
After a few users have pointed out where I should add in the list of IP addresses of load balancers a new question came up: What would I do if the list of IP's change frequently? (ie no static IP, all dynamic)
推荐答案
我确定你现在已经解决了,将发布正确答案供将来参考。我遇到了同样的问题(使用CodeIgniter应用程序在AWS上使用负载均衡器)如你所指出的,在负载均衡器或其他使用HTTP_X_FORWARDED_FOR头的分布式环境后面获得正确的IP是很容易的。问题是我们如何在CodeIgniter中正确实现此解决方案?如前面的答案指出:编写自己的IP功能。这个问题是,如果ip_address()被调用整个应用程序?不会更好地重写该函数(有一个看着正确的头)? CodeIgniter有一个方便的机制,这是方便的:
I'm sure you've resolved this by now, but I thought I would post the correct answer for future reference. I came across this same problem (Using load balancers on AWS with a CodeIgniter app.) As you pointed out, it's easy enough to get the correct IP behind a load balancer or other distributed environment using the HTTP_X_FORWARDED_FOR header. The problem is how do we correctly implement this solution in CodeIgniter? As the previous answer points out: Write your own IP function. The problem with this, is what if ip_address() is called throughout your app? Wouldn't it be better to override that function (With one that looks at the correct header)? CodeIgniter has a convenient mechanism for this, which is handy:
解决方案是扩展CodeIgniter输入类,通过创建一个新的类文件在/ application / core称为MY_Input .php(MY_是扩展的可配置前缀,可以在配置文件中更改它)。使用扩展,您可以创建一个SAME名称的函数作为原始类方法,而不破坏任何东西,并且无需编辑核心文件。 CodeIgniter将只使用您的新方法。您的扩展输入类将如下所示:
The solution is to extend the CodeIgniter Input class, by creating a new class file in /application/core called MY_Input.php (MY_ is a configurable prefix for extensions, you can change it in your config file). With extensions, you can create a function of the SAME name as the original class method without breaking anything, and without editing core files. CodeIgniter will just use your new method instead. Your extended input class will look something like this:
class MY_Input extends CI_Input {
function __construct()
{
parent::__construct();
}
//Overide ip_address() with your own function
function ip_address()
{
//Obtain the IP address however you'd like, you may want to do additional validation, etc..
$correct_ip_address = $_SERVER['HTTP_X_FORWARDED_FOR'];
return $correct_ip_address;
}
}
这样我们就改变了核心行为框架和现有的对ip_address()的调用现在将使用你的方法。
This way we've changed the core behavior without hacking the framework, and existing calls to ip_address() throughout your app will now be using your method.
关于处理链中的其他IP,如果你只有对客户端IP感兴趣,不要紧。至少使用AWS负载平衡器,HTTP_X_FORWARDED_FOR标头似乎总是包含正确的客户端IP。
With regards to dealing with other IP's in the chain, if you're only interested in the client IP, it shouldn't matter. With AWS load balancers at least, the HTTP_X_FORWARDED_FOR header seems to always contain the correct client IP.
这篇关于使用codeigniter检索用户的真实IP的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
