Back to Top

How to Get Real IP address of the Visitor in PHP

To get real IP address in PHP

It is very common that websites are retrieving the user’s IP address to implement access controls of users or visitors in PHP.The REMOTE_ADDR field in $_SERVER superglobal is normally held the user’s true IP address.But sometimes user uses proxy Server to hide own IP Address and try to access website by hiding behind proxies and at that time $_SERVER[‘REMOTE_ADDR’] returns the IP address of the proxy server not the user’s machine IP Address in PHP.

So. Here I am going to share function which will provide the real IP address of visitors machine even they are using a proxy server.

The HTTP_X_FORWARDED_FOR field contains the IP Address of the user if they are using Proxy Server.

Read about: Exception handling in PHP5

There is extra Server variable which might be available to determine the exact IP address of the client’s machine in PHP, they are HTTP_CLIENT_IP

Function to find real IP address in PHP

function getRealIP() {

	foreach ( $headers as $header ) {
		if (isset ( $_SERVER [$header]  )) {
			if (($pos = strpos ( $_SERVER [$header], ',' )) != false) {
				$ip = substr ( $_SERVER [$header], 0, $pos );
			} else {
				$ip = $_SERVER [$header];
			$ipnum = ip2long ( $ip );
			if ($ipnum !== - 1 && $ipnum !== false && (long2ip ( $ipnum ) === $ip)) {
				if (($ipnum - 184549375) && // Not in
				($ipnum  - 1407188993) && // Not in
				($ipnum  - 1062666241)) // Not in
				if (($pos = strpos ( $_SERVER [$header], ',' )) != false) {
					$ip = substr ( $_SERVER [$header], 0, $pos );
				} else {
					$ip = $_SERVER [$header];
				return $ip;
	return $_SERVER ['REMOTE_ADDR'];


This function will first try to get the direct IP address of user machine.if fail to get then it will check for proxy server address using HTTP_X_FORWARDED_FOR and using some other headers.The HTTP_X_FORWARDED_FOR field is supported by most proxy servers to identify the IP address of the host which is requesting from the HTTP request through the proxy server and if everything gets fails, then finally get the IP address using REMOTE_ADDR.

I hope that you find above code useful! You can use this code anywhere you want. Did we miss anything? Tell me in the comment section :).

Comments (18)

  1. Very nice. The only issue I see is you missed a – on this line:

    if (($ipnum 184549375) && // Not in

    should be:

    if (($ipnum – 184549375) && // Not in

    1. Hi Jeff,

      Thanks it was code editor issue, updated code.

  2. I think there has been a copy paste issue, some missing characters in the code:-

    if (($ipnum 184549375) && // Not in
    ($ipnum – 1407188993) && // Not in
    ($ipnum – 1062666241)) // Not in

    1. Hi Mike,

      It was code editor issue.Updated and thanks 🙂

  3. Does this allow user ti fake his IP without any proxy server? Just simple add one more header like: HTTP_X_FORWARDED_FOR, then your code will get IP from there.

    1. HTTP_X_FORWARDED_FOR is already added.

  4. It’s really a great and useful piece of information.
    I am glad that you simply shared this useful info with us.
    Please keep us up to date like this. Thanks for sharing.

  5. illinois says:

    Do you have any video of that? I’d want to find
    out some additional information.

  6. Having read this I thought it was really enlightening.
    I appreciate you spending some time and energy to put this short article
    together. I once again find myself personally spending way too much time both reading
    and commenting. But so what, it was still worthwhile!

  7. There is a problem when user running on IPv6.
    Does it work with IPv6?

    1. Blen, I’ve tested it and it is working fine on IPV6. Do you get any specific issue?

      1. Im sorry, it’s my mistake. I changed it for match ip which have both ipv6 and ipv4 and i forgot to close the function {.
        An other problem, could you help me: i dont know why, somtime, this function return an IP address like this: or some special character at the end of IP address.
        I have been using this as filter but sometime still have strange character in IP address:


        Do you have any solution for this?

  8. Can you build a code for us to cloak our website for bad ip address.This will be great help, besides we will pay you for it.

    skype:[email protected]

  9. I hope this function is also helpful for get real IP.

    Miss Bhumi will this script working on local server?

    1. Sajjad, It will work in local but better you check on live server.

      1. Bhumi, Thankyou a lot.

  10. i’m new for this,
    i want to save that ip on database, can i? and what’s a code for that? and put on where that’s code?

    1. Yeah you can save the ip on database and code is depend on the technology you use. You can write as per that only

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Most Popular Posts

How To Turn On Output Buffering

Posted on 7 years ago


Hello world

Updated 1 month ago

Nick Carter

In depth Understanding of Laravel Core

Updated 3 months ago


ECMAScript 6 New Features – 2

Updated 1 year ago


The Reader’s Poll – June 2015

Posted on 4 years ago


The Reader’s Poll – August 2014

Posted on 5 years ago


The Reader’s Poll – June 2014

Posted on 5 years ago


The Readers’ Poll – May 2014

Posted on 5 years ago


The Readers’ Poll – August 2013

Posted on 6 years ago