共用方式為

How to obtain IP address of a client behind proxy via web service

  • 發行項

 

Consider the following scenario:

One of my customers would like to know how to obtain IP address of a client with web service. The application at client side will call a web service method hosted on IIS server and that web service could get the IP address of the client then determine whether the IP address is valid to get accessed. His product environment has proxy server and the exact IP address he wants to obtain is the one used by router to access external network. Here, I would like to provide a general method to fetch clients’ IP address through web service and give an explanation on the result in terms of different hardware conditions.

[Sample Code]

===========

[WebMethod]

public string GetCustomerIP()

{

string CustomerIP = "";

if (HttpContext.Current.Request.ServerVariables["HTTP_VIA"] != null)

{

          CustomerIP = HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"].ToString();

}

else

{

           CustomerIP = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"].ToString();

 }

            return CustomerIP;

}

In above sample code, HTTP_VIA is used to judge whether the client is using proxy server. If client uses proxy server, then the web method will try to obtain IP address behind the proxy server. In many situations, the IP addresses we get are probably the addresses of proxy server. Below is the information on HTTP proxy:

1. Not Use Any Proxy Server:

REMOTE_ADDR = IP address of client

HTTP_VIA = No value or No display

HTTP_X_FORWARDED_FOR = No value or No display

2. Use Transparent Proxies:

REMOTE_ADDR = IP address of proxy server

HTTP_VIA = IP address of proxy server

HTTP_X_FORWARDED_FOR = Real IP address of client

3. Use Normal Anonymous Proxies:

REMOTE_ADDR = IP address of proxy server

HTTP_VIA = IP address of proxy server

HTTP_X_FORWARDED_FOR = IP address of proxy server

4. Use Distorting Proxies:

REMOTE_ADDR = IP address of proxy server

HTTP_VIA = IP address of proxy server

HTTP_X_FORWARDED_FOR = Random IP address

5. Use High Anonymity Proxies (Elite proxies):

REMOTE_ADDR = IP address of proxy server

HTTP_VIA = No value or No display

HTTP_X_FORWARDED_FOR = No value or No display

Another fact that may affect the result of above web service is the configuration of router. If the router of local area network enables NAT (network address translation), then the IP address obtained is the address used by the router to access external network. If NAT is disabled, then the IP address is the client's IP address within local area network.

Before use above sample code, we should first consider the real product environment and then use it accordingly.

Reference

========

A Probability to Get Wrong Information

https://www.codeproject.com/KB/cs/KBSoftIPLocator.aspx

Getting the Real IP Of Your Users

https://www.thepcspy.com/read/getting_the_real_ip_of_your_users

Best regards,

 

Hanson Wang

Comments

  • Anonymous
    March 31, 2010
    Hi,I also ran into the problem to get the correct client IP address, not the one of our proxy sitting in front of our web server. So I did a quick research and found several hints pointing to use the HttpContext server variable HTTP_X_FORWARDED_FOR. But in our case (a WCF service hosted on IIS using WsHttp with an https URL) that http header does not seem to come through (please have a look of all the server variables that are visible from our WCF service).What can be the reason?settings of our proxy?settings of the client proxy? usage of https? missing config setting on the service side or on the client side? Any help welcome!Thanks,MichaelAPPENDIX - All ServerVariables that come with the client request: No HTTP_X_FORWARDED_FOR entry, and REMOTE_ADDR points to 192.168.100.1, i.e. our default gateway caa-isaMessage: ServerVariables["ALL_HTTP"]: HTTP_CONNECTION:Keep-AliveMessage: ServerVariables["ALL_RAW"]: Connection: Keep-AliveMessage: ServerVariables["APPL_MD_PATH"]: /LM/W3SVC/2/ROOT/TestMessage: ServerVariables["APPL_PHYSICAL_PATH"]: C:inetpubwwwrootoccurrences.caa.govt.nzTestMessage: ServerVariables["AUTH_TYPE"]:Message: ServerVariables["AUTH_USER"]:Message: ServerVariables["AUTH_PASSWORD"]:Message: ServerVariables["LOGON_USER"]:Message: ServerVariables["REMOTE_USER"]:Message: ServerVariables["CERT_COOKIE"]:Message: ServerVariables["CERT_FLAGS"]:Message: ServerVariables["CERT_ISSUER"]:Message: ServerVariables["CERT_KEYSIZE"]: 128Message: ServerVariables["CERT_SECRETKEYSIZE"]: 1024Message: ServerVariables["CERT_SERIALNUMBER"]:Message: ServerVariables["CERT_SERVER_ISSUER"]: C=US, O="Entrust, Inc.", OU=www.entrust.net/rpa is incorporated by reference, OU="(c) 2009 Entrust, Inc.", CN=Entrust Certification Authority - L1CMessage: ServerVariables["CERT_SERVER_SUBJECT"]: C=NZ, L=Wellington, O=Civil Aviation Authority of New Zealand, OU=IT, CN=Occurrences.caa.govt.nzMessage: ServerVariables["CERT_SUBJECT"]:Message: ServerVariables["CONTENT_LENGTH"]: 36560Message: ServerVariables["CONTENT_TYPE"]: multipart/related; type="application/xop+xml";start="<http://tempuri.org/0>";boundary="uuid:4c06d7aa-0be4-421e-8e25-7da504fa5fa1+id=1";start-info="application/soap+xml"Message: ServerVariables["GATEWAY_INTERFACE"]: CGI/1.1Message: ServerVariables["HTTPS"]: onMessage: ServerVariables["HTTPS_KEYSIZE"]: 128Message: ServerVariables["HTTPS_SECRETKEYSIZE"]: 1024Message: ServerVariables["HTTPS_SERVER_ISSUER"]: C=US, O="Entrust, Inc.", OU=www.entrust.net/rpa is incorporated by reference, OU="(c) 2009 Entrust, Inc.", CN=Entrust Certification Authority - L1CMessage: ServerVariables["HTTPS_SERVER_SUBJECT"]: C=NZ, L=Wellington, O=Civil Aviation Authority of New Zealand, OU=IT, CN=Occurrences.caa.govt.nzMessage: ServerVariables["INSTANCE_ID"]: 2Message: ServerVariables["INSTANCE_META_PATH"]: /LM/W3SVC/2Message: ServerVariables["LOCAL_ADDR"]: 192.168.100.15Message: ServerVariables["PATH_INFO"]: /Test/CAA.Part12Interface.CaptureService.CaptureService.svcMessage: ServerVariables["PATH_TRANSLATED"]: C:inetpubwwwrootoccurrences.caa.govt.nzTestCAA.Part12Interface.CaptureService.CaptureService.svcMessage: ServerVariables["QUERY_STRING"]:Message: ServerVariables["REMOTE_ADDR"]: 192.168.100.1Message: ServerVariables["REMOTE_HOST"]: 192.168.100.1Message: ServerVariables["REMOTE_PORT"]: 27725Message: ServerVariables["REQUEST_METHOD"]: POSTMessage: ServerVariables["SCRIPT_NAME"]: /Test/CAA.Part12Interface.CaptureService.CaptureService.svcMessage: ServerVariables["SERVER_NAME"]: occurrences.caa.govt.nzMessage: ServerVariables["SERVER_PORT"]: 443Message: ServerVariables["SERVER_PORT_SECURE"]: 1Message: ServerVariables["SERVER_PROTOCOL"]: HTTP/1.1Message: ServerVariables["SERVER_SOFTWARE"]: Microsoft-IIS/7.0Message: ServerVariables["URL"]: /Test/CAA.Part12Interface.CaptureService.CaptureService.svcMessage: ServerVariables["HTTP_CONNECTION"]: Keep-AliveMessage: ServerVariables["HTTP_CONTENT_LENGTH"]: 36560Message: ServerVariables["HTTP_CONTENT_TYPE"]: multipart/related; type="application/xop+xml";start="<http://tempuri.org/0>";boundary="uuid:4c06d7aa-0be4-421e-8e25-7da504fa5fa1+id=1";start-info="application/soap+xml"Message: ServerVariables["HTTP_HOST"]: occurrences.caa.govt.nzMessage: ServerVariables["HTTP_REVERSE_VIA"]: CAA-ISAMessage: ServerVariables["HTTP_MIME_VERSION"]: 1.0

  • Anonymous
    March 25, 2014
    Sorry to ask question on a old post. but I need this urgently.After executing your code, i am always getting the hosted server ip. Any solution to get the client ip instead?

  • Anonymous
    October 20, 2014
    awesome information dude, thanks! it was very usefull for me

  • Anonymous
    April 30, 2015
    Hi. I apologize for writing on such an old post, but I'm having pretty much the same problem as mjheitland, and was wondering if you got to fix it.