Find out client IP through proxy

Question

When my site receives a connection that's coming through a proxy, I've always assumed that the client IP (if provided) is the first item in the comma-delimited list of IP addresses in the X-Forwarded-For HTTP header. But I've seen cases where there's also Client-IP.

If both headers exist and their information does not match, is there one that's a better choice than the other?

Answer 1

Yes. use X-Forwarded-For. it is the standard header to use in these cases

edit: taken from the wikipedia ( http://en.wikipedia.org/wiki/X-Forwarded-For ):

"The X-Forwarded-For field is supported by most proxy servers, including Squid,[1] Apache mod_proxy,[2] Pound,[3]HAProxy, [4] Varnish cache,[5] IronPort Web Security Appliance,[6] CAI Networks WebMux, ArrayNetworks, Radware's Appdirector and Web Server Director, F5 Big-IP,[7] Blue Coat ProxySG,[8] Cisco Cache Engine, McAfee Web Gateway, Phion Airlock, Finjan's Vital Security, NetApp NetCache, jetNEXUS, Crescendo Networks' Maestro, Microsoft ISA Server 2004/2006 with Winfrasoft X-Forwarded-For for ISA Server and Microsoft Forefront TMG 2010 with Winfrasoft X-Forwarded-For for TMG or XFF-Filter.dll free web filter[9]. X-Forwarded-For logging is supported by many web servers including Apache. Microsoft IIS 6.0 & 7.0 can use a third party ISAPI filter called Winfrasoft X-Forwarded-For for IIS to accomplish this task. IIS 7.0 can also use a HTTP Module for this filtering [1]."