使用防火牆Phpwind 網站如何獲取用戶的真實IP?

使用WAF後,用戶訪問網站的是通過WAF服務器間接訪問網站服務器的,Phpwind論壇可能會在獲取用戶IP時,直接獲取WAF的IP,而不能直接獲取到用戶的真實IP,在此提出一些解決方案。

phpwind 8.7按照如下代碼,修改1個文件即可(9.0參照下文):
1、修改 /require/common.php搜索“HTTP_CLIENT_IP”,找到如下代碼。


function pwGetIp() { global $pwServer, $db_xforwardip; if ($db_xforwardip) { if ($pwServer['HTTP_X_FORWARDED_FOR'] && $pwServer['REMOTE_ADDR']) { if (strstr($pwServer['HTTP_X_FORWARDED_FOR'], ',')) { $x = explode(',', $pwServer['HTTP_X_FORWARDED_FOR']); $pwServer['HTTP_X_FORWARDED_FOR'] = trim(end($x)); } if (preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $pwServer['HTTP_X_FORWARDED_FOR'])) {return $pwServer['HTTP_X_FORWARDED_FOR'];} } elseif ($pwServer['HTTP_CLIENT_IP'] && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $pwServer['HTTP_CLIENT_IP'])) {return $pwServer['HTTP_CLIENT_IP'];} } $db_xforwardip = 0; if (preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $pwServer['REMOTE_ADDR'])) {return $pwServer['REMOTE_ADDR'];} return 'Unknown';}

2、將其修改為如下代碼,即刪除上面代碼中的第十行除第一個"}"外,以及刪除第13行內容:



function pwGetIp() { global $pwServer, $db_xforwardip; $ip = $_SERVER['REMOTE_ADDR']; if (isset($_SERVER['HTTP_X_REAL_FORWARDED_FOR']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_X_REAL_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_REAL_FORWARDED_FOR']; } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } elseif (isset($_SERVER['HTTP_CLIENT_IP']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } return $ip;}


phpwind 9.0按照如下代碼,修改1個文件即可:
1、打開 "/src/aCloud/system/core/ACloudSysCoreCommon.php",修改前建議備份本文件。
2、查找“get_Ip()”,找到如下代碼:


public static function getIp() { static $ip = null; if (! $ip) { if (isset ( $_SERVER ['HTTP_X_FORWARDED_FOR'] ) && $_SERVER ['HTTP_X_FORWARDED_FOR'] && $_SERVER ['REMOTE_ADDR']) { if (strstr ( $_SERVER ['HTTP_X_FORWARDED_FOR'], ',' )) { $x = explode ( ',', $_SERVER ['HTTP_X_FORWARDED_FOR'] ); $_SERVER ['HTTP_X_FORWARDED_FOR'] = trim ( end ( $x ) ); } if (preg_match ( '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER ['HTTP_X_FORWARDED_FOR'] )) { $ip = $_SERVER ['HTTP_X_FORWARDED_FOR']; } } elseif (isset ( $_SERVER ['HTTP_CLIENT_IP'] ) && $_SERVER ['HTTP_CLIENT_IP'] && preg_match ( '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER ['HTTP_CLIENT_IP'] )) { $ip = $_SERVER ['HTTP_CLIENT_IP']; } if (! $ip && preg_match ( '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER ['REMOTE_ADDR'] )) { $ip = $_SERVER ['REMOTE_ADDR']; } ! $ip && $ip = 'Unknown'; } return $ip; }

3、將以上代碼修改為:


public static function getIp() { $ip = $_SERVER['REMOTE_ADDR']; if (isset($_SERVER['HTTP_X_REAL_FORWARDED_FOR']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_X_REAL_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_REAL_FORWARDED_FOR']; } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } elseif (isset($_SERVER['HTTP_CLIENT_IP']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } return $ip;}
  • 0 會員發現這個文章很有用
此答案有用嗎?

相關文章

網路設計業者報價台灣的伺服器,是否真的有需要這麼貴嗎?對方告訴我,他們公司設計師習慣在這家伺服器底下工作,這樣是不是客戶就真的沒得挑了呢?

看您的網站需求,而決定空間的種類,假如您網站是多媒體有提供檔案與影音讓人線上觀看或者大型檔案下載,那您可能就需要獨立的伺服器或者VPS,那麼空間的價格可能就會比較貴一點,一般公司的官方網站虛擬主...

網頁無法瀏覽?? 檢測主機是否正常運行及網頁的瀏覽速度

為什麼常常無法開啟網頁 ? 連管理介面有時候也都換斷線 ? 在無法瀏覽時您是否有查看主機是否正常運行?...

HTTP Status Codes ( 狀態碼 )

HTTP CODES - 100-101 100 - Continue ( 繼續 ) Tells the client that the first part of the...

雲端主機代管服務範圍與售價

Pro-Active Managed Support 每月費用為2500 TWD。我們提供主動式積極監控與管理服務(僅限於CentOS+Cpanel)。 服務範圍如下:...

500 Internal Server Error ,Service Temporarily Unavailable! ,Resource Limit Is Reached!

為何網站會出現下列錯誤訊息?!Internal Server ErrorThe server encountered an internal error or misconfiguration...

Powered by WHMCompleteSolution