I am trying to get the client's IP address in Laravel.
It is easy to get a client's IP in PHP by using $_SERVER["REMOTE_ADDR"]
. It is working fine in core PHP, but when I use the same thing in Laravel, it returns the server IP instead of the visitor's IP.
This question is related to
php
laravel
laravel-5
laravel-5.7
If you are under a load balancer, Laravel's \Request::ip()
always returns the balancer's IP:
echo $request->ip();
// server ip
echo \Request::ip();
// server ip
echo \request()->ip();
// server ip
echo $this->getIp(); //see the method below
// clent ip
This custom method returns the real client ip:
public function getIp(){
foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key){
if (array_key_exists($key, $_SERVER) === true){
foreach (explode(',', $_SERVER[$key]) as $ip){
$ip = trim($ip); // just to be safe
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false){
return $ip;
}
}
}
}
return request()->ip(); // it will return server ip when no client ip found
}
In addition to this I suggest you to be very careful using Laravel's throttle middleware: It uses Laravel's Request::ip()
as well, so all your visitors will be identified as the same user and you will hit the throttle limit very quickly. I experienced this live and this caused big issues.
To fix this:
Illuminate\Http\Request.php
public function ip()
{
//return $this->getClientIp(); //original method
return $this->getIp(); // the above method
}
You can now also use Request::ip()
, which should return the real IP in production.
If you call this function then you easily get the client's IP address. I have already used this in my existing project:
public function getUserIpAddr(){
$ipaddress = '';
if (isset($_SERVER['HTTP_CLIENT_IP']))
$ipaddress = $_SERVER['HTTP_CLIENT_IP'];
else if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
$ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR'];
else if(isset($_SERVER['HTTP_X_FORWARDED']))
$ipaddress = $_SERVER['HTTP_X_FORWARDED'];
else if(isset($_SERVER['HTTP_FORWARDED_FOR']))
$ipaddress = $_SERVER['HTTP_FORWARDED_FOR'];
else if(isset($_SERVER['HTTP_FORWARDED']))
$ipaddress = $_SERVER['HTTP_FORWARDED'];
else if(isset($_SERVER['REMOTE_ADDR']))
$ipaddress = $_SERVER['REMOTE_ADDR'];
else
$ipaddress = 'UNKNOWN';
return $ipaddress;
}
Solution 1: You can use this type of function for getting client IP
public function getClientIPaddress(Request $request) {
$clientIp = $request->ip();
return $clientIp;
}
Solution 2: if the solution1 is not providing accurate IP then you can use this function for getting visitor real IP.
public function getClientIPaddress(Request $request) {
if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
$_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
$_SERVER['HTTP_CLIENT_IP'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
$client = @$_SERVER['HTTP_CLIENT_IP'];
$forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
$remote = $_SERVER['REMOTE_ADDR'];
if(filter_var($client, FILTER_VALIDATE_IP)){
$clientIp = $client;
}
elseif(filter_var($forward, FILTER_VALIDATE_IP)){
$clientIp = $forward;
}
else{
$clientIp = $remote;
}
return $clientIp;
}
N.B: When you have used load-balancer/proxy-server in your live server then you need to used solution 2 for getting real visitor ip.
I used the Sebastien Horin function getIp and request()->ip() (at global request), because to localhost the getIp function return null:
$this->getIp() ?? request()->ip();
The getIp function:
public function getIp(){
foreach (array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key){
if (array_key_exists($key, $_SERVER) === true){
foreach (explode(',', $_SERVER[$key]) as $ip){
$ip = trim($ip); // just to be safe
if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false){
return $ip;
}
}
}
}
}
Add namespace
use Request;
Then call the function
Request::ip();
There are two things to take care of:
Get a helper function that returns a Illuminate\Http\Request
and call the ->ip()
method:
request()->ip();
Think of your server configuration, it may use a proxy or load-balancer
, especially in an AWS ELB configuration.
If this is your case you need to follow "Configuring Trusted Proxies" or maybe even set a "Trusting All Proxies" option.
Why? Because being your server will be getting your proxy/load-balancer
IP instead.
If you are on the AWS balance-loader, go to App\Http\Middleware\TrustProxies
and make $proxies
declaration look like this:
protected $proxies = '*';
Now test it and celebrate because you just saved yourself from having trouble with throttle middleware. It also relies on request()->ip()
and without setting "TrustProxies" up, you could have all your users blocked from logging in instead of blocking only the culprit's IP.
And because throttle middleware is not explained properly in the documentation, I recommend watching "laravel 5.2 tutorial for beginner, API Rate Limiting"
Tested in Laravel 5.7
If you have multiple layer proxies just like CDN + Load Balancer.
Using Laravel Request::ip() function will get right-most proxy IP but not client IP.
You may try following solution.
app/Http/Middleware/TrustProxies.php
protected $proxies = ['0.0.0.0/0'];
Reference: https://github.com/fideloper/TrustedProxy/issues/107#issuecomment-373065215
When we want the user's ip_address
:
$_SERVER['REMOTE_ADDR']
and want to server address:
$_SERVER['SERVER_ADDR']
If you worry about getting the IP address but do not need or want to use any Laravel functionality, you can use just php:
PHP < 5.3.0
$localIP = getHostByName(php_uname('n'));
PHP >= 5.3.0
$localIP = getHostByName(getHostName());
as answered in this thread: PHP how to get local IP of system
You can get a few way ip address utilizing Request ip, Request getClientIp and solicitation partner work. In this model, I will tell you the best way to get current client ip address in laravel 5.8.
$clientIP = request()->ip();
dd($clientIP);
You can follow this from here
If you want client IP and your server is behind aws elb, then user the following code. Tested for laravel 5.3
$elbSubnet = '172.31.0.0/16';
Request::setTrustedProxies([$elbSubnet]);
$clientIp = $request->ip();
For Laravel 5 you can use the Request object. Just call its ip()
method, something like:
$request->ip();
In Laravel 5.4 we can't call ip static. This a correct way to get the IP of the user:
use Illuminate\Http\Request;
public function contactUS(Request $request)
{
echo $request->ip();
return view('page.contactUS');
}
Use request()->ip()
.
From what I understand, since Laravel 5 it's advised/good practice to use the global functions like:
response()->json($v);
view('path.to.blade');
redirect();
route();
cookie();
And, if anything, when using the functions instead of the static notation my IDE doesn't light up like a Christmas tree.
In Laravel 5
public function index(Request $request) {
$request->ip();
}
If you are still getting 127.0.0.1 as the IP, you need to add your "proxy", but be aware that you have to change it before going into production!
Read "Configuring Trusted Proxies".
And add this:
class TrustProxies extends Middleware
{
/**
* The trusted proxies for this application.
*
* @var array
*/
protected $proxies = '*';
Now request()->ip()
gives you the correct IP.
$ip = $_SERVER['REMOTE_ADDR'];
Source: Stackoverflow.com