REMOTE_ADDR and IPv6 in PHP
Solution 1
The REMOTE_ADDR key is set by the web server, not PHP. If the web server listens on v6 and the user connects that way, it'll be a v6 address
Solution 2
I have seen a bad IP address reported to php in REMOTE_ADDR from Apache 2.
It was '183.60..244.37'.
So the answer to your question, "Is it safe to assume...", I think is definitely no, REMOTE_ADDR can not be trusted.
As far as I know it is reported to PHP from the server, in my case Apache. Why it was bad I am still trying to figure out. I do know this. It came in as part of a batch of attack requests. Sometimes it was 183.60.244.37 and sometimes it was 183.60..244.37.
See also this.
Alix Axel
If you need to, you can contact me at: alix [dot] axel [at] gmail [dot] com. I'm #SOreadytohelp Some of my GitHub repositories: phunction, a minimalistic PHP HMVC Framework. halBox, bash script to bootstrap Debian/Ubuntu servers. ArrestDB, RESTful API for SQLite, MySQL and PostgreSQL databases. genex.js, Genex module for Node.js. If you know how to work with regexes, have a look at http://namegrep.com/. ;)
Updated on June 04, 2022Comments
-
Alix Axel almost 2 years
Is it safe to assume that
$_SERVER['REMOTE_ADDR']
always returns a IPv4 address?Thanks!
-
Alix Axel about 14 years+1, Thanks! I'm gonna try to figure out how I can convert an IPv6 address to a number.
-
Marc B about 14 yearsphp.net/manual/en/function.inet-pton.php will convert v4 and v6 "string" addresses to their packed representation.
-
Pacerier almost 12 years@Michael IPv6 has many text representations. Is there a standard representation returned by
$_SERVER['REMOTE_ADDR']
? -
Michael Hampton over 11 years@Pacerier You'll get the normal compacted IPv6 addresses or IPv4-mapped IPv6 addresses on a dual-stack system.
-
Alix Axel over 10 yearsNice to know, probably some Apache bug no?
-
Elliptical view over 10 yearsA php developer just told me REMOTE_ADDR comes from cgi and so from the server's tcp connection, and not http. But I'm still working on finding how the server could be reporting this to php, if that is what is happening.