使用防火牆Phpwind 網站如何獲取用戶的真實IP?

使用WAF後,用戶訪問網站的是通過WAF服務器間接訪問網站服務器的,Phpwind論壇可能會在獲取用戶IP時,直接獲取WAF的IP,而不能直接獲取到用戶的真實IP,在此提出一些解決方案。

phpwind 8.7按照如下代碼,修改1個文件即可(9.0參照下文):
1、修改 /require/common.php搜索“HTTP_CLIENT_IP”,找到如下代碼。


function pwGetIp() { global $pwServer, $db_xforwardip; if ($db_xforwardip) { if ($pwServer['HTTP_X_FORWARDED_FOR'] && $pwServer['REMOTE_ADDR']) { if (strstr($pwServer['HTTP_X_FORWARDED_FOR'], ',')) { $x = explode(',', $pwServer['HTTP_X_FORWARDED_FOR']); $pwServer['HTTP_X_FORWARDED_FOR'] = trim(end($x)); } if (preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $pwServer['HTTP_X_FORWARDED_FOR'])) {return $pwServer['HTTP_X_FORWARDED_FOR'];} } elseif ($pwServer['HTTP_CLIENT_IP'] && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $pwServer['HTTP_CLIENT_IP'])) {return $pwServer['HTTP_CLIENT_IP'];} } $db_xforwardip = 0; if (preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $pwServer['REMOTE_ADDR'])) {return $pwServer['REMOTE_ADDR'];} return 'Unknown';}

2、將其修改為如下代碼,即刪除上面代碼中的第十行除第一個"}"外,以及刪除第13行內容:



function pwGetIp() { global $pwServer, $db_xforwardip; $ip = $_SERVER['REMOTE_ADDR']; if (isset($_SERVER['HTTP_X_REAL_FORWARDED_FOR']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_X_REAL_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_REAL_FORWARDED_FOR']; } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } elseif (isset($_SERVER['HTTP_CLIENT_IP']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } return $ip;}


phpwind 9.0按照如下代碼,修改1個文件即可:
1、打開 "/src/aCloud/system/core/ACloudSysCoreCommon.php",修改前建議備份本文件。
2、查找“get_Ip()”,找到如下代碼:


public static function getIp() { static $ip = null; if (! $ip) { if (isset ( $_SERVER ['HTTP_X_FORWARDED_FOR'] ) && $_SERVER ['HTTP_X_FORWARDED_FOR'] && $_SERVER ['REMOTE_ADDR']) { if (strstr ( $_SERVER ['HTTP_X_FORWARDED_FOR'], ',' )) { $x = explode ( ',', $_SERVER ['HTTP_X_FORWARDED_FOR'] ); $_SERVER ['HTTP_X_FORWARDED_FOR'] = trim ( end ( $x ) ); } if (preg_match ( '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER ['HTTP_X_FORWARDED_FOR'] )) { $ip = $_SERVER ['HTTP_X_FORWARDED_FOR']; } } elseif (isset ( $_SERVER ['HTTP_CLIENT_IP'] ) && $_SERVER ['HTTP_CLIENT_IP'] && preg_match ( '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER ['HTTP_CLIENT_IP'] )) { $ip = $_SERVER ['HTTP_CLIENT_IP']; } if (! $ip && preg_match ( '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER ['REMOTE_ADDR'] )) { $ip = $_SERVER ['REMOTE_ADDR']; } ! $ip && $ip = 'Unknown'; } return $ip; }

3、將以上代碼修改為:


public static function getIp() { $ip = $_SERVER['REMOTE_ADDR']; if (isset($_SERVER['HTTP_X_REAL_FORWARDED_FOR']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_X_REAL_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_REAL_FORWARDED_FOR']; } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } elseif (isset($_SERVER['HTTP_CLIENT_IP']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } return $ip;}
  • 0 Корисниците го најдоа ова како корисно
Дали Ви помогна овој одговор?

Понудени резултати

在美國的虛擬主機之SEO與速度會比台灣主機差嗎?

網站在國外的話建議網站架設在美國,因為美國全世界的出口頻寬都比台灣大很多,在國外瀏覽美國網站速度當然優於台灣,對於SEO搜尋是不會影響的。

HTTP Status Codes ( 狀態碼 )

HTTP CODES - 100-101 100 - Continue ( 繼續 ) Tells the client that the first part of the...

網頁出現無效的伺服器憑證?! (google chrome)

請檢查一下電腦的系統時間是不是跑掉了,或瀏覽器設定→進階選項→HTTPS/SSL→不要打勾,檢查伺服器憑證撤銷即可解決。...

.htaccess: 重寫規則工作一貫的子域和子目錄

有沒有辦法讓規則適用於子域和子目錄?可參考下列範例自行修改 Options+FollowSymlinks-MultiViews RewriteEngineOn...

什麼是FTP?

FTP 檔案標準傳輸協定. 簡單來說它是一個方便的工具,可以用來移動一台電腦的檔案至另外一台電腦注意!FTP 在fantastic-host.net 虛擬主機方案中的連接阜(port)均為21

Powered by WHMCompleteSolution