使用防火牆Phpwind 網站如何獲取用戶的真實IP?

使用WAF後,用戶訪問網站的是通過WAF服務器間接訪問網站服務器的,Phpwind論壇可能會在獲取用戶IP時,直接獲取WAF的IP,而不能直接獲取到用戶的真實IP,在此提出一些解決方案。

phpwind 8.7按照如下代碼,修改1個文件即可(9.0參照下文):
1、修改 /require/common.php搜索“HTTP_CLIENT_IP”,找到如下代碼。


function pwGetIp() { global $pwServer, $db_xforwardip; if ($db_xforwardip) { if ($pwServer['HTTP_X_FORWARDED_FOR'] && $pwServer['REMOTE_ADDR']) { if (strstr($pwServer['HTTP_X_FORWARDED_FOR'], ',')) { $x = explode(',', $pwServer['HTTP_X_FORWARDED_FOR']); $pwServer['HTTP_X_FORWARDED_FOR'] = trim(end($x)); } if (preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $pwServer['HTTP_X_FORWARDED_FOR'])) {return $pwServer['HTTP_X_FORWARDED_FOR'];} } elseif ($pwServer['HTTP_CLIENT_IP'] && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $pwServer['HTTP_CLIENT_IP'])) {return $pwServer['HTTP_CLIENT_IP'];} } $db_xforwardip = 0; if (preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $pwServer['REMOTE_ADDR'])) {return $pwServer['REMOTE_ADDR'];} return 'Unknown';}

2、將其修改為如下代碼,即刪除上面代碼中的第十行除第一個"}"外,以及刪除第13行內容:



function pwGetIp() { global $pwServer, $db_xforwardip; $ip = $_SERVER['REMOTE_ADDR']; if (isset($_SERVER['HTTP_X_REAL_FORWARDED_FOR']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_X_REAL_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_REAL_FORWARDED_FOR']; } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } elseif (isset($_SERVER['HTTP_CLIENT_IP']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } return $ip;}


phpwind 9.0按照如下代碼,修改1個文件即可:
1、打開 "/src/aCloud/system/core/ACloudSysCoreCommon.php",修改前建議備份本文件。
2、查找“get_Ip()”,找到如下代碼:


public static function getIp() { static $ip = null; if (! $ip) { if (isset ( $_SERVER ['HTTP_X_FORWARDED_FOR'] ) && $_SERVER ['HTTP_X_FORWARDED_FOR'] && $_SERVER ['REMOTE_ADDR']) { if (strstr ( $_SERVER ['HTTP_X_FORWARDED_FOR'], ',' )) { $x = explode ( ',', $_SERVER ['HTTP_X_FORWARDED_FOR'] ); $_SERVER ['HTTP_X_FORWARDED_FOR'] = trim ( end ( $x ) ); } if (preg_match ( '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER ['HTTP_X_FORWARDED_FOR'] )) { $ip = $_SERVER ['HTTP_X_FORWARDED_FOR']; } } elseif (isset ( $_SERVER ['HTTP_CLIENT_IP'] ) && $_SERVER ['HTTP_CLIENT_IP'] && preg_match ( '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER ['HTTP_CLIENT_IP'] )) { $ip = $_SERVER ['HTTP_CLIENT_IP']; } if (! $ip && preg_match ( '/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER ['REMOTE_ADDR'] )) { $ip = $_SERVER ['REMOTE_ADDR']; } ! $ip && $ip = 'Unknown'; } return $ip; }

3、將以上代碼修改為:


public static function getIp() { $ip = $_SERVER['REMOTE_ADDR']; if (isset($_SERVER['HTTP_X_REAL_FORWARDED_FOR']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_X_REAL_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_REAL_FORWARDED_FOR']; } elseif (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_X_FORWARDED_FOR'])) { $ip = $_SERVER['HTTP_X_FORWARDED_FOR']; } elseif (isset($_SERVER['HTTP_CLIENT_IP']) && preg_match('/^([0-9]{1,3}\.){3}[0-9]{1,3}$/', $_SERVER['HTTP_CLIENT_IP'])) { $ip = $_SERVER['HTTP_CLIENT_IP']; } return $ip;}
  • 0 Utilizadores acharam útil
Esta resposta foi útil?

Artigos Relacionados

我訂的是亞州機房,為何會顯示是美國IP?

要判定機房位置,可從Ping/Trace Route 來查詢。若在亞州對亞州國家連線之ping值 一定會小於100ms,而亞州對美國之ping 值一定會大於100ms。這是重要的判斷依據。...

如果伺服器架美國,台灣人是否就無法設計以及進行架網?

做網頁為何一定要架設伺服器呢? 網頁+空間=線上瀏覽的網站...

解決IE與chrome 無法正常顯示雲端主機頁面之問題

設定IE9顯示混合內容於IE9 →「網際網路選項」→「安全性」→「網際網路」→「自訂等級」→「顯示混合的內容」中,點選『啟用』即可。...

.htaccess: 重寫規則工作一貫的子域和子目錄

有沒有辦法讓規則適用於子域和子目錄?可參考下列範例自行修改 Options+FollowSymlinks-MultiViews RewriteEngineOn...

停用網頁裡的Javascript看Java是否造成網頁瀏覽變慢的主因?!

現在的網站,大都使用了Javascript語言來增加廣告收益或者是網頁特效,但過多的Javascript會造成網頁開啟速度變慢、用戶端CPU及記憶體的消耗,為了檢測是網站主機的速度或者是第三方主...

Powered by WHMCompleteSolution