AsiaTech: Microsoft APGC Internet Developer Support Team

We focus on various troubleshooting plan and solution on IIS web platform and distributed applications

How to obtain IP address of a client behind proxy via web service

How to obtain IP address of a client behind proxy via web service

  • Comments 2

 

Consider the following scenario:

 

One of my customers would like to know how to obtain IP address of a client with web service. The application at client side will call a web service method hosted on IIS server and that web service could get the IP address of the client then determine whether the IP address is valid to get accessed. His product environment has proxy server and the exact IP address he wants to obtain is the one used by router to access external network. Here, I would like to provide a general method to fetch clients’ IP address through web service and give an explanation on the result in terms of different hardware conditions.

 

[Sample Code]

===========

[WebMethod]

public string GetCustomerIP()

{

string CustomerIP = "";

if (HttpContext.Current.Request.ServerVariables["HTTP_VIA"] != null)

{

          CustomerIP = HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"].ToString();

}

else

{

           CustomerIP = HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"].ToString();

 }

            return CustomerIP;

}

 

In above sample code, HTTP_VIA is used to judge whether the client is using proxy server. If client uses proxy server, then the web method will try to obtain IP address behind the proxy server. In many situations, the IP addresses we get are probably the addresses of proxy server. Below is the information on HTTP proxy:

 

1.  Not Use Any Proxy Server:

 

REMOTE_ADDR = IP address of client

HTTP_VIA = No value or No display

HTTP_X_FORWARDED_FOR = No value or No display

 

2.  Use Transparent Proxies:

 

REMOTE_ADDR = IP address of proxy server

HTTP_VIA = IP address of proxy server

HTTP_X_FORWARDED_FOR = Real IP address of client

 

3.  Use Normal Anonymous Proxies:

 

REMOTE_ADDR = IP address of proxy server

HTTP_VIA = IP address of proxy server

HTTP_X_FORWARDED_FOR = IP address of proxy server

 

4.     Use Distorting Proxies:

 

REMOTE_ADDR = IP address of proxy server

HTTP_VIA = IP address of proxy server

HTTP_X_FORWARDED_FOR = Random IP address

 

5.     Use High Anonymity Proxies (Elite proxies):

 

REMOTE_ADDR = IP address of proxy server

HTTP_VIA = No value or No display

HTTP_X_FORWARDED_FOR = No value or No display

 

 

Another fact that may affect the result of above web service is the configuration of router. If the router of local area network enables NAT (network address translation), then the IP address obtained is the address used by the router to access external network. If NAT is disabled, then the IP address is the client's IP address within local area network.

 

Before use above sample code, we should first consider the real product environment and then use it accordingly.

 

Reference

========

A Probability to Get Wrong Information

http://www.codeproject.com/KB/cs/KBSoftIPLocator.aspx

 

Getting the Real IP Of Your Users

http://www.thepcspy.com/read/getting_the_real_ip_of_your_users

 

Best regards,

 

Hanson Wang

 

Leave a Comment
  • Please add 6 and 7 and type the answer here:
  • Post
  • Hi,

    I also ran into the problem to get the correct client IP address, not the one of our proxy sitting in front of our web server. So I did a quick research and found several hints pointing to use the HttpContext server variable HTTP_X_FORWARDED_FOR. But in our case (a WCF service hosted on IIS using WsHttp with an https URL) that http header does not seem to come through (please have a look of all the server variables that are visible from our WCF service).

    What can be the reason?

    - settings of our proxy?

    - settings of the client proxy?

    - usage of https?

    - missing config setting on the service side or on the client side?

    Any help welcome!

    Thanks,

    Michael

    APPENDIX - All ServerVariables that come with the client request: No HTTP_X_FORWARDED_FOR entry, and REMOTE_ADDR points to 192.168.100.1, i.e. our default gateway caa-isa

    Message: ServerVariables["ALL_HTTP"]: HTTP_CONNECTION:Keep-Alive

    Message: ServerVariables["ALL_RAW"]: Connection: Keep-Alive

    Message: ServerVariables["APPL_MD_PATH"]: /LM/W3SVC/2/ROOT/Test

    Message: ServerVariables["APPL_PHYSICAL_PATH"]: C:\inetpub\wwwroot\occurrences.caa.govt.nz\Test\

    Message: ServerVariables["AUTH_TYPE"]:

    Message: ServerVariables["AUTH_USER"]:

    Message: ServerVariables["AUTH_PASSWORD"]:

    Message: ServerVariables["LOGON_USER"]:

    Message: ServerVariables["REMOTE_USER"]:

    Message: ServerVariables["CERT_COOKIE"]:

    Message: ServerVariables["CERT_FLAGS"]:

    Message: ServerVariables["CERT_ISSUER"]:

    Message: ServerVariables["CERT_KEYSIZE"]: 128

    Message: ServerVariables["CERT_SECRETKEYSIZE"]: 1024

    Message: ServerVariables["CERT_SERIALNUMBER"]:

    Message: ServerVariables["CERT_SERVER_ISSUER"]: C=US, O="Entrust, Inc.", OU=www.entrust.net/rpa is incorporated by reference, OU="(c) 2009 Entrust, Inc.", CN=Entrust Certification Authority - L1C

    Message: ServerVariables["CERT_SERVER_SUBJECT"]: C=NZ, L=Wellington, O=Civil Aviation Authority of New Zealand, OU=IT, CN=Occurrences.caa.govt.nz

    Message: ServerVariables["CERT_SUBJECT"]:

    Message: ServerVariables["CONTENT_LENGTH"]: 36560

    Message: ServerVariables["CONTENT_TYPE"]: multipart/related; type="application/xop+xml";start="<http://tempuri.org/0>";boundary="uuid:4c06d7aa-0be4-421e-8e25-7da504fa5fa1+id=1";start-info="application/soap+xml"

    Message: ServerVariables["GATEWAY_INTERFACE"]: CGI/1.1

    Message: ServerVariables["HTTPS"]: on

    Message: ServerVariables["HTTPS_KEYSIZE"]: 128

    Message: ServerVariables["HTTPS_SECRETKEYSIZE"]: 1024

    Message: ServerVariables["HTTPS_SERVER_ISSUER"]: C=US, O="Entrust, Inc.", OU=www.entrust.net/rpa is incorporated by reference, OU="(c) 2009 Entrust, Inc.", CN=Entrust Certification Authority - L1C

    Message: ServerVariables["HTTPS_SERVER_SUBJECT"]: C=NZ, L=Wellington, O=Civil Aviation Authority of New Zealand, OU=IT, CN=Occurrences.caa.govt.nz

    Message: ServerVariables["INSTANCE_ID"]: 2

    Message: ServerVariables["INSTANCE_META_PATH"]: /LM/W3SVC/2

    Message: ServerVariables["LOCAL_ADDR"]: 192.168.100.15

    Message: ServerVariables["PATH_INFO"]: /Test/CAA.Part12Interface.CaptureService.CaptureService.svc

    Message: ServerVariables["PATH_TRANSLATED"]: C:\inetpub\wwwroot\occurrences.caa.govt.nz\Test\CAA.Part12Interface.CaptureService.CaptureService.svc

    Message: ServerVariables["QUERY_STRING"]:

    Message: ServerVariables["REMOTE_ADDR"]: 192.168.100.1

    Message: ServerVariables["REMOTE_HOST"]: 192.168.100.1

    Message: ServerVariables["REMOTE_PORT"]: 27725

    Message: ServerVariables["REQUEST_METHOD"]: POST

    Message: ServerVariables["SCRIPT_NAME"]: /Test/CAA.Part12Interface.CaptureService.CaptureService.svc

    Message: ServerVariables["SERVER_NAME"]: occurrences.caa.govt.nz

    Message: ServerVariables["SERVER_PORT"]: 443

    Message: ServerVariables["SERVER_PORT_SECURE"]: 1

    Message: ServerVariables["SERVER_PROTOCOL"]: HTTP/1.1

    Message: ServerVariables["SERVER_SOFTWARE"]: Microsoft-IIS/7.0

    Message: ServerVariables["URL"]: /Test/CAA.Part12Interface.CaptureService.CaptureService.svc

    Message: ServerVariables["HTTP_CONNECTION"]: Keep-Alive

    Message: ServerVariables["HTTP_CONTENT_LENGTH"]: 36560

    Message: ServerVariables["HTTP_CONTENT_TYPE"]: multipart/related; type="application/xop+xml";start="<http://tempuri.org/0>";boundary="uuid:4c06d7aa-0be4-421e-8e25-7da504fa5fa1+id=1";start-info="application/soap+xml"

    Message: ServerVariables["HTTP_HOST"]: occurrences.caa.govt.nz

    Message: ServerVariables["HTTP_REVERSE_VIA"]: CAA-ISA

    Message: ServerVariables["HTTP_MIME_VERSION"]: 1.0

  • Sorry to ask question on a old post. but I need this urgently.

    After executing your code, i am always getting the hosted server ip. Any solution to get the client ip instead?

Page 1 of 1 (2 items)