Title: IP detection problem
Last modified: June 15, 2018

---

# IP detection problem

 *  [raskolt](https://wordpress.org/support/users/raskolt/)
 * (@raskolt)
 * [7 years, 11 months ago](https://wordpress.org/support/topic/ip-detection-problem/)
 * Hi everyone
 * I am building an ecommerce website on Godaddy hosting.
 * It is behing a reverse proxy so I can not get the real ip of the users. I added[
   HTTP_X_REAL_IP] code to the wpconfig.file and got users’ real ips.
 * Unfortunately, the ip starts with :ffff: prefix and Payfort does not accept it.
   I tried many plugins including WP Cerber but none of them give an ip without :
   ffff: prefix.
 * Do you know how to solve it?
 * [https://www.bynicolas.com/code/x-forwarded-for-http-user-real-ip-wordpress-config/](https://www.bynicolas.com/code/x-forwarded-for-http-user-real-ip-wordpress-config/)
 * I used this method and many codes but not solving it.
 * // Code for showing correct client IP address
    if ( isset( $_SERVER[‘HTTP_X_FORWARDED_FOR’])){
   $mte_xffaddrs = explode( ‘,’, $_SERVER[‘HTTP_X_FORWARDED_FOR’] ); $_SERVER[‘REMOTE_ADDR’]
   = $mte_xffaddrs[0]; }
 * Thanks in advance
    Raskolt

Viewing 4 replies - 1 through 4 (of 4 total)

 *  [te_taipo](https://wordpress.org/support/users/te_taipo/)
 * (@te_taipo)
 * [7 years, 11 months ago](https://wordpress.org/support/topic/ip-detection-problem/#post-10402563)
 * Upload a php file to your website with the following code:
 * `<?php print_r( $_SERVER ); ?>`
 * Go the the page in your browser then View Page Source and see if you can see 
   your own IP address appear there under any of the variables.
 * Also the main thing to remember is that `REMOTE_ADDR` is the only IP header you
   can trust. All other IP headers can be spoofed by an attacker.
 *  Thread Starter [raskolt](https://wordpress.org/support/users/raskolt/)
 * (@raskolt)
 * [7 years, 11 months ago](https://wordpress.org/support/topic/ip-detection-problem/#post-10407403)
 * Hi
 * I uploaded that file and I could see my ip there.
 * It is still ::ffff:176.xxx.xxx.xxx format.
 * There is ffff in the prefix.
 *  [te_taipo](https://wordpress.org/support/users/te_taipo/)
 * (@te_taipo)
 * [7 years, 11 months ago](https://wordpress.org/support/topic/ip-detection-problem/#post-10407742)
 * Part of the IPv4 / IPv6 overlap unfortunately.
 * What was the $_SERVER variable that was reporting your correct browsers IP?
 *  [te_taipo](https://wordpress.org/support/users/te_taipo/)
 * (@te_taipo)
 * [7 years, 11 months ago](https://wordpress.org/support/topic/ip-detection-problem/#post-10407806)
 * Try something like this: (still hit and miss until we know which _SERVER variable
   is reporting the right IP address)
 *     ```
       # warning, most of these IP header variables can be spoofed by an attacker
       $ip_vars = array(
                   'HTTP_FORWARDED_FOR',
                   'HTTP_CLIENT_IP',
                   'HTTP_X_CLUSTER_CLIENT_IP',
                   'HTTP_X_ORIGINATING_IP',
                   'HTTP_X_REMOTE_IP',
                   'HTTP_FORWARDED',
                   'HTTP_CF_CONNECTING_IP',
                   'HTTP_X_FORWARDED_FOR',
                   'REMOTE_ADDR'
       );
       $x = 0;
       $alt_ip = "";
       while ( $x < count( $ip_vars ) ) {
           if ( array_key_exists( $ip_vars[ $x ], $_SERVER ) ) {
                   $ip_header = $_SERVER[ $ip_vars[ $x ] ];
                   $mte_xffaddrs = ( false !== strpos( $ip_header, ',' ) ) ? str_replace( ' ', '', $ip_header ) : str_replace( ' ', ',', $ip_header );
                   $mte_xffaddrs = explode( ',', $ip_header );
                   for( $x = 0; $x < count( $mte_xffaddrs ); $x++ ) {
                       if ( false !== ( false !== @inet_pton( $mte_xffaddrs[ $x ] ) ) ) {
                           $alt_ip = $mte_xffaddrs[ $x ];
                           break 2;
                       }
                   }
               }
       $x++;
       }
       // do what you wish with $alt_ip;
       echo "alt_ip = " . $alt_ip;
       ```
   

Viewing 4 replies - 1 through 4 (of 4 total)

The topic ‘IP detection problem’ is closed to new replies.

## Tags

 * [IP](https://wordpress.org/support/topic-tag/ip/)
 * [reverse proxy](https://wordpress.org/support/topic-tag/reverse-proxy/)

 * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/)
 * 4 replies
 * 2 participants
 * Last reply from: [te_taipo](https://wordpress.org/support/users/te_taipo/)
 * Last activity: [7 years, 11 months ago](https://wordpress.org/support/topic/ip-detection-problem/#post-10407806)
 * Status: not resolved

## Topics

### Topics with no replies

### Non-support topics

### Resolved topics

### Unresolved topics

### All topics