CODEWITHSUNDEEP
c#.netasp.net
Developer404
Developer404

Reputation: 5962

How to Get IP Address?

I want to get the ip address whoever is registering in my site. How to do this in ASPNET. I used the following code, but, it is not getting the proper IP Address

string ipaddress = Request.UserHostAddress;

Upvotes: 59

Views: 93255

Answers (6)

Erwin
Erwin

Reputation: 211

In MVC 6, you retrieve the IP address this way:

HttpContext.Request.HttpContext.Connection.RemoteIpAddress.ToString()

Upvotes: 21

Krishna Kumar
Krishna Kumar

Reputation: 17

string result = string.Empty;
    string ip = HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
    if (!string.IsNullOrEmpty(ip))
    {
        string[] ipRange = ip.Split(',');
        int le = ipRange.Length - 1;
        result = ipRange[0];
    }
    else
    {
        result = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
    }

Upvotes: 0

Muhammad Akhtar
Muhammad Akhtar

Reputation: 52241

You can use this method to get the IP address of the client machine.

public static String GetIP()
{
    String ip = 
        HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];

    if (string.IsNullOrEmpty(ip))
    {
        ip = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
    }

    return ip;
}

Upvotes: 78

Wouter Simons
Wouter Simons

Reputation: 2906

In a situation where you use the IP address for security you should be aware of your infrastructure.

If you are using a proxy between your web server and your clients that sets the header, you should be able to trust the last address. Then you use the code like Muhammed suggested with an update to always get the last IP address from the forward header (See code below)

If you do not use a proxy, beware that the X-Forwarded-For header is very easy to spoof. I suggest you ignore it then unless you have a clear reason why not to.

I updated Muhammed Akhtar's code as follows to allow you to choose:

public string GetIP(bool CheckForward = false)
{
    string ip = null;
    if (CheckForward) {
        ip = HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
    }

    if (string.IsNullOrEmpty(ip)) {
        ip = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
    } else { // Using X-Forwarded-For last address
        ip = ip.Split(',')
               .Last()
               .Trim();
    }

    return ip;
}

This Wikipedia article explains the risks more thoroughly.

Upvotes: 45

Anthony
Anthony

Reputation: 7300

HTTP_X_FORWARDED_FOR should be used BUT it can return multiple IP addresses separated by a comma. See this page.

So you should always check it. I personally use the Split function.

public static String GetIPAddress()
{
    String ip = 
        HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];

    if (string.IsNullOrEmpty(ip))
        ip = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
    else
        ip = ip.Split(',')[0];

    return ip;
}

Upvotes: 36

RickNZ
RickNZ

Reputation: 18654

If a client is connecting through a transparent non-anonymous proxy, you can get their address from:

Request.ServerVariables["HTTP_X_FORWARDED_FOR"]

which can return null or "unknown" if the IP can't be obtained that way.

Request.ServerVariables["REMOTE_ADDR"] should be the same as Request.UserHostAddress, either of which can be used if the request is not from a non-anonymous proxy.

However, if the request comes from an anonymous proxy, then it's not possible to directly obtain the IP of the client. That's why they call those proxies anonymous.

Upvotes: 3

Related Questions