On Mar 27, 2008, at 12:34 AM, Larry Ludwig wrote:
On Mar 18, 2008, at 4:16 PM, Rob Marscher wrote:
Hey everyone,
Does someone know the best practice for detecting ip addresses with
php/apache for use in reporting/metrics?
I'm re-evaluating our code for detecting ips and I see it's built
towards getting a unique browser ip without regard for how easily
it can be spoofed. For example, we're using X-FORWARDED-FOR which
I know can be very easily spoofed by proxy servers so it should
only be done with trusted proxies like AOL. Does anyone know where
to find a good list of ips of trusted proxies (as well as maybe a
list of known anonymous proxy servers)?
[snip]
Yes I assuming you are partly asking this based upon the amount of
form spam and the amount of people using anonymous proxing.
Yeah... that and also things like unique click/impression tracking,
identifying people creating multiple accounts on sites, etc. Those
links were pretty helpful. It would be nice if there was a whitelist
maintained of ips for trusted proxies from major ISPs as well.
Thanks,
Rob
_______________________________________________
New York PHP Community Talk Mailing List
http://lists.nyphp.org/mailman/listinfo/talk
NYPHPCon 2006 Presentations Online
http://www.nyphpcon.com
Show Your Participation in New York PHP
http://www.nyphp.org/show_participation.php
