Last modified: 2005-09-18 12:09:17 UTC

Wikimedia Bugzilla is closed!

Wikimedia has migrated from Bugzilla to Phabricator. Bug reports should be created and updated in Wikimedia Phabricator instead. Please create an account in Phabricator and add your Bugzilla email address to it.
Wikimedia Bugzilla is read-only. If you try to edit or create any bug report in Bugzilla you will be shown an intentional error message.
In order to access the Phabricator task corresponding to a Bugzilla report, just remove "static-" from its URL.
You could still run searches in Bugzilla or access your list of votes but bug reports will obviously not be up-to-date in Bugzilla.
Bug 1590 - IP address logging for anonymous users uses Proxy address
IP address logging for anonymous users uses Proxy address
Status: RESOLVED DUPLICATE of bug 843
Product: MediaWiki
Classification: Unclassified
User login and signup (Other open bugs)
All All
: Normal enhancement (vote)
: ---
Assigned To: Nobody - You can work on this!
Depends on:
  Show dependency treegraph
Reported: 2005-02-25 14:02 UTC by Julian Bond
Modified: 2005-09-18 12:09 UTC (History)
0 users

See Also:
Web browser: ---
Mobile Platform: ---
Assignee Huggle Beta Tester: ---


Description Julian Bond 2005-02-25 14:02:37 UTC
It appears that the IP address logging for anonymous users and appearing in
things like the history page is potentially using Proxy web server IP addresses
and not the actual source IP address. Many ISPs now use transparent proxy
servers to save bandwidth with the effect that this IP may be shared by a large
number of more or less temporary users. Properly configured Proxies should pass
back headers indicating the source IP and this should be captured and used.
Typically this will be in the HTTP_X_FORWARDED_FOR and HTTP_CLIENT_IP headers.
Comment 1 River Tarnell 2005-02-25 14:04:09 UTC
we cannot blindly trust X-F-F or any other client-supplied header.  every
legitimate ISP proxy would have to be verified and added by hand as well as
maintained as each ISP's topology changes.  i'm not sure this is feasible...
Comment 2 Tom Moitié 2005-08-07 20:00:13 UTC
This simple section of PHP gets a users IP address every time. Whether there is
a cache server, proxy server or anything else.
function getip() {
   if (getenv("HTTP_CLIENT_IP") && strcasecmp(getenv("HTTP_CLIENT_IP"), "unknown"))
   $ip = getenv("HTTP_CLIENT_IP");

   else if (getenv("HTTP_X_FORWARDED_FOR") &&
strcasecmp(getenv("HTTP_X_FORWARDED_FOR"), "unknown"))
   $ip = getenv("HTTP_X_FORWARDED_FOR");

   else if (getenv("REMOTE_ADDR") && strcasecmp(getenv("REMOTE_ADDR"), "unknown"))
   $ip = getenv("REMOTE_ADDR");

   else if (isset($_SERVER['REMOTE_ADDR']) && $_SERVER['REMOTE_ADDR'] &&
strcasecmp($_SERVER['REMOTE_ADDR'], "unknown"))
   $ip = $_SERVER['REMOTE_ADDR'];

   $ip = "unknown";


It has never gone wrong at all.
Comment 3 Zigger 2005-09-18 12:09:17 UTC
See also bug 2856.

*** This bug has been marked as a duplicate of 843 ***

Note You need to log in before you can comment on or make changes to this bug.