I've noticed that when using Apache(htaccess) to hide .php extension is actually changing the return of the $_SERVER['REMOTE_ADDR']; from returning the visitors IP to returning the Domain or the server IP.
RewriteBase /
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME}\.php -f
RewriteRule ^(.*)$ $1.php
that's what I'm using for my htaccess file and nothing that
<?php
echo $_SERVER['REMOTE_ADDR'];
?>
in my php file is there anyway that could fix the return of $_SERVER['REMOTE_ADDR'] to be a visitor ip?
Firstly to echo deceze's comment - this is weird, and I don't think caused by the Apache / htaccess rules here. Is there more going on?
Try using:
if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARTDED_FOR'] != '') {
$ip_address = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip_address = $_SERVER['REMOTE_ADDR'];
}
echo $ip_address;
Does that give a more accurate IP at least?
so after almost 4 hours of investigations and hard work. I figured out that the REMOTE_ADDR is actually cannot be trusted all the time. however i tried something else instead but it didn't work. at the end I knew that $_SERVER has an array. so really that's what I did
foreach($_SERVER as $key => $value){
echo $key.'_____'.$value."<br/>";
}
and I found this $_SERVER['HTTP_X_REAL_IP']; it works just fine. I hope this helps someone else.