André Warnier wrote:
Mohit Anchlia wrote:
2. Another question I had was sometimes we don't get real physical IP of the
machine but the IP of something that's in between like "router", is there a
way to get the real IP so that we don't end up blocking people coming from
that "router" or "proxy"
In my opinion, you cannot. The whole point of
such routers and proxies is to make the requests
look like they are coming from the router/proxy,
so that is the sender IP address you are seeing
at your server level, and that's it. Your
server never receives the original requester IP address.
---------------- End original message. ---------------------
There are legitimate reasons for this to be done
as well, indiscriminately blocking such access is
a bad idea as it will affect legitimate users.
NAT and IP address sharing are among the reasons.
This allows an organization to have a router with
one public IP address to serve a larger internal
network with private IP addresses. Without this,
we would have run out of IPv4 addresses a long time ago.
Dragon
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Venimus, Saltavimus, Bibimus (et naribus canium capti sumus)
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
" from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
