Problem to use user IP instead of server in CURL

Question

Problem to use user IP instead of server in CURL

Asked 5 years, 11 months ago

Viewed 140 times

-2

I’m using a CURL function this way, to read the contents of curl with user IP and not server IP:

function curl($url) {
$curl = curl_init($url) or die("Erro, o CURL não está habilitado.");
curl_setopt($curl, CURLOPT_HTTPHEADER, array('X-Forwarded-For: ' . $_SERVER["HTTP_CF_CONNECTING_IP"]));
curl_setopt($curl, CURLOPT_URL, $url);
curl_setopt($curl, CURLOPT_RETURNTRANSFER, 1);
$string = curl_exec($curl);
curl_close($curl);
return $string;
}

But it’s not working. Ends up using the server IP even using the $_SERVER["HTTP_CF_CONNECTING_IP"], since the site is on Cloudflare.

It is possible to correct this?

1 answer

Browser other questions tagged php curl

You are not signed in. Login or sign up in order to post.

by Inkeliz • **20,671** points · Answer 1 · 2018-12-13T03:36:25+00:00

There is no fixing. Whereas Curl runs on the server, so the request will have the server IP.

What you are you want, basically: forging an IP using TCP.

There is no way you can use the client’s IP. Set the X-Forwarded-For, X-Forwarded-IP or X-Real-IP (...) It’s not going to change anything, it’s just some header. This header MUST be ignored by the site, no site should believe that your IP is one of these. You will only be able to "forge the IP" if your target believes these headers, which is his mistake, only.

Forging an IP (using TCP) is extremely complicated, impossible in general cases due to Handshake. Curl itself offers nothing that can help you with that.