Hey everyone,
Does someone know the best practice for detecting IP addresses with PHP/Apache for use in reporting/metrics? I'm re-evaluating our code for detecting IPs and I see it's built towards getting a unique browser IP without regard for how easily it can be spoofed. For example, we're using X-FORWARDED-FOR, which I know can be very easily spoofed by proxy servers, so it should only be done with trusted proxies like AOL. Does anyone know where to find a good list of IPs of trusted proxies (as well as maybe a list of known anonymous proxy servers)?

Also, is there any reason to use HTTP_CLIENT_IP? The current code we have looks to use that first if it's available. But I'm not exactly sure of the difference between that header and REMOTE_ADDR.

Thanks a lot,
Rob

Hi Rob,

Yes, I'm assuming you are partly asking this based upon the amount of form spam and the number of people using anonymous proxying. Some RBLs that might be of help.

Some of the public ones out there (not complete):

http://www.dronebl.org/
http://www.stopforumspam.com/ (which we have converted into a local RBL)
http://rbl.efnetrbl.org/

Previously, RBLs were designed for SMTP only, but as the botnets progress to web-based attacks/spam they are being reused for other purposes.

Here is the obligatory PHP code to test RBLs and if a proxy service:

http://www.jhurliman.org/index.php/2005/open-proxy-rbl-lookups-in-php/
http://w-shadow.com/blog/2007/11/23/detect-users-accessing-your-site-via-a-proxy/

There also exist Apache plugins to block/redirect to other web pages if on a specified RBL.

Offline I can discuss other things we are developing to help protect our network by using RBLs. RBLs aren't just for SMTP anymore.

-L

--
Larry Ludwig
Empowering Media
1-866-792-0489 x600
Managed and Unmanaged Xen VPSes
http://www.hostcube.com/
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
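
On Rob's question of when X-Forwarded-For can be trusted, an added example (not code from either poster): it logs REMOTE_ADDR unless the direct peer is in a trusted-proxy list, and only then reads the header from right to left. The proxy ranges and sample requests are constructed placeholders, and the code assumes IPv4 addresses on 64-bit PHP.

```php
<?php
// Added example. TRUSTED_PROXIES holds constructed placeholder ranges;
// replace them with the proxies you operate or have verified.
const TRUSTED_PROXIES = ['10.0.0.0/8', '192.0.2.10/32'];

// True if IPv4 address $ip lies inside CIDR block $cidr.
function ip_in_cidr(string $ip, string $cidr): bool
{
    [$net, $bits] = explode('/', $cidr) + [1 => '32'];
    $ipLong  = ip2long($ip);
    $netLong = ip2long($net);
    if ($ipLong === false || $netLong === false) {
        return false;
    }
    $bits = (int) $bits;
    $mask = $bits === 0 ? 0 : (-1 << (32 - $bits)) & 0xFFFFFFFF;
    return ($ipLong & $mask) === ($netLong & $mask);
}

function is_trusted_proxy(string $ip): bool
{
    foreach (TRUSTED_PROXIES as $cidr) {
        if (ip_in_cidr($ip, $cidr)) return true;
    }
    return false;
}

// REMOTE_ADDR is the TCP peer and cannot be set by a request header.
// HTTP_CLIENT_IP is just the client-supplied Client-IP header, so it is
// never consulted. X-Forwarded-For is read only when the peer is trusted.
function client_ip(array $server): string
{
    $peer = $server['REMOTE_ADDR'] ?? '';
    $xff  = $server['HTTP_X_FORWARDED_FOR'] ?? '';
    if ($xff === '' || !is_trusted_proxy($peer)) {
        return $peer; // header is client-controlled here; ignore it
    }
    // Walk hops nearest-first; the first untrusted hop is the client.
    foreach (array_reverse(array_map('trim', explode(',', $xff))) as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4) === false) break;
        if (!is_trusted_proxy($hop)) return $hop;
        $peer = $hop; // another trusted proxy; keep walking left
    }
    return $peer; // chain was malformed or contained only trusted proxies
}

// Constructed sample requests: direct client sending its own header, then
// a trusted proxy relaying a chain whose leftmost entry the client forged.
echo client_ip(['REMOTE_ADDR' => '203.0.113.7', 'HTTP_X_FORWARDED_FOR' => '198.51.100.99']), "\n";
echo client_ip(['REMOTE_ADDR' => '10.0.0.5', 'HTTP_X_FORWARDED_FOR' => '198.51.100.99, 198.51.100.23']), "\n";
```

For metrics, storing both the resolved address and the raw REMOTE_ADDR keeps the record auditable if the trusted-proxy list later turns out to be wrong.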
