Value that occasionally enters HTTP_X_FORWARDED_FOR

Asked 2 months ago, Updated 2 months ago, 2 views

Obtain the client ip address via the AWS load balancer using the following methods:

$ips=isset($_SERVER['HTTP_X_FORWARDED_FOR'])? $_SERVER['HTTP_X_FORWARDED_FOR']: false;
if($ips){
    $ip =explode(',',',$ips)[0];
}

This $ip has a 99% chance of getting the correct value, but a little less than 1% chance of getting the following format.

xxxxxx xxx.xxx.xxx.xxx 
// x is all numeric, (6 digits) half-width space (ip address)

Six digits do not seem to have any particular regularity, some starting with 00... and some starting with 90... (if I may say so, many starting with 0... and others starting with 9...)
Also, the ip address at this time is a private address like 172.31.xxx.xx.

If anyone knows what the situation is like, could you please let me know?
Also, what is this six-digit number?
Can I get the client's ip address at this time?
Thank you for your cooperation.

php aws

2022-09-30 14:01

1 Answers

http://docs.aws.amazon.com/ja_jp/elasticloadbalancing/latest/classic/x-forwarded-headers.html
If X-Forwarded-For is already configured, then X-Forwarded-For has xxxxxxxx xxx.xxx.xxx.xxx because that is the value that precedes the comma delimiter.
It says you can't trust this, so you might want to look at the last value.


2022-09-30 14:01

If you have any answers or tips


© 2022 OneMinuteCode. All rights reserved.