On Fri, Jul 25, 2014 at 6:27 PM, Ashley Sheridan <ash@xxxxxxxxxxxxxxxxxxxx> wrote: > I've had this before on a load balanced environment, and the original ip > was being stuffed into another (custom) header (can't remember what just > now) > > On 25 July 2014 19:16:36 BST, Lester Caine <lester@xxxxxxxxxxx> wrote: > >Not exactly a PHP problem, but a number of my sites are now being > >plagued by the fallout from it. > > > >gethostbyaddr($_SERVER["REMOTE_ADDR"]); > >Has worked perfectly for many years now, so I know exactly which Desk > >or > >Counter is trying to log in, and I can direct announcements to the > >correct location. > > > >Some of you will already have spotted the current problem ... VDI ... > >This reports a host name based on the VDI desktop accessed from the > >'farm' which whilst irritating since one has to keep changing it each > >day, is actually changing even during a 'session' so a caller ticket is > >accessed, and can take over an hour at times to deal with, by which > >time > >the VDI number has changed, and you can't clear the ticket :( > > > >We can switch to manually specifying the location as part of the login > >process, butit's all to easy to select the wrong Desk especially if you > >were working on an adjacent one a previous day. > > > >To my way of thinking, the IP address should be for the physical > >machine > >that we are working with? So if the MAC address has an IP address > >locked > >to that machine then I should be able to simply drop back to that and > >ignore the host name? But I'm being told that $_SERVER["REMOTE_ADDR"] > >may not be the local IP address? > > > >Anybody got some insight into how we can get around this problem? My > >particular beef with the way things are currently being run is that the > >networ team seem to have no idea in the case of a suspicious access > >attempt even which building the offender is located let alone what > >desk, > >and I can't believe that is acceptable security practice? > > Thanks, > Ash > > -- > PHP General Mailing List (http://www.php.net/) > To unsubscribe, visit: http://www.php.net/unsub.php > > There are a couple of server variables you can check for the IP you want: HTTP_CLIENT_IP HTTP_X_FORWARDED_FOR REMOTE_ADDR The following are not usually used, but I did see them used on several systems: HTTP_X_FORWARDED HTTP_FORWARDED_FOR HTTP_FORWARDED HTTP_X_CLUSTER_CLIENT_IP If none of the above work, consult your proxy or switch manual, hopefully they have followed industrial standards and one of the above does work,
