I have an unforeseen problem, namely I made a chat and it works perfectly.
Now I have a problem with the ip address, namely through user registration I take the ip address. In a PHP web application it's done like this:
$user_ip = $mysqli->real_escape_string($_SERVER['REMOTE_ADDR']);
The problem arises when I changed the name servers (with cloud flare name servers) the ip I have in the database is not the real ip of the user but the ip behind which the ddous guard is hidden (it was used before cloudflare)...
And when I ban a user, every user who has the same ip will get the ban (ddos guard assigned the ip that way) see screen shot:
(removed link ) (this is just example)...
Now i need the best solution to avoid this problem ,for all users i can maybe manual delete ip adresses and to save in database last logged ip adress?
But ho w i can to solve this problem for future...
Thanks in advance
Related
I am logging every user's IP when they access the company's page.
There are two ways to access the page from inside the local network:
http://company/webpage
and
https://webpage.company.com
What bugs me is that even when the users use the https global IP, their accesses are still recorded on database with their IP as 10.50.1.12 or 10.50.1.100.
Does that means that the browser or something else is redirecting the https://webpage.company.com to company/webpage? Or does that mean that I'm using a flawed method to log the users IP?
Another way to ask my question (just to make sure I'm being clear): if I'm accessing my Internet web page from inside the LAN network, am I effectively going outside my network and then back? If not, where am I going wrong with my logging?
Code used to log user's IP:
user.LastIP = HttpContext.Current.Request.UserHostAddress;
I'm curious about this because I want to make sure the users inside the company will access the page using exclusively the LAN Network. The goal is to save bandwidth usage, which is scarce.
Edit:
Pinging the https://webpage.company.com from inside the LAN network will result in a reply from a global IP address like 194.xxx.xxx.xxx. So I'm clearly getting the user's IP wrongly. What would be the ideal way of retrieving the IP from the page accessing entity?
Access to http://company/webpage will result in a DNS lookup of the host name "company". To resolve this, DNS will need a fully qualified domain name (fqdn), so it will add a top level domain (according to the configured search list in the client). In this example, it seems fair to assume that the fqdn will be "company.com". This, in turn, may very well resolve to the same IP address as the "webpage.company.com". You can check this by using dns lookup utilities like 'nslookup' and 'dig', or simply by using 'ping company' and 'ping webpage.company.com'.
The users IP addresses you mention, 10.50.1.12 and 10.50.1.100, seems to be the local IP addresses of the client hosts. I base this assumption on the fact that these IP addresses come from the RFC-1918 address range which is used for internal addresses. My guess is that these are the correct IP addresses, and that your logging works fine.
The users IP address you will log from accessing 'http://company/webpage' and 'https://webpage.company.com' should in most cases be the same. You can see it this way: it doesn't matter what the target URL is, traffic is still coming from the same host, the same IP address.
In any case, you most probably don't need to worry about any traffic leaving your local network.
I have a basic question about Ip addresses. I have signed up for an online class that says "I can only access it from your registered IP address".
Does that mean I can only access it from the network I was using during my registration or I can access it anywhere from the same device?
Have to know a bit more to know how strict that rule might be.
Tentatively - yes, your IP is unique to the network you were using during registration.
However, you can generally install a VPN service and use your registration network's IP anywhere if you need to get around that limitation.
I'm thinking of a way to find the public IP of router at home, remotely.
For example if I'm in university and I need to connect to a machine in my home network. How can I get the public IP to connect to it?
To get the IP from that machine I can use something like this website - http://api.exip.org/?call=ip
But how can I send it to myself remotely?
One of the ideas is to write some sort of script that will check my email address for incoming messages. So when I need to know the IP, I just send some email to myself with specific text (or subject). When script will find that specific text, it will send the IP to the same email.
Another idea it to write a script that will upload a new file to the server (for example DropBox) every time the public IP is changed.
Or I can combine those two and email new IP every time it changes (not that often, but still it’s a spam).
What other solutions there can be, and how can I implement them (or the one that I have)?
I have Linux/Unix and Windows machines which I can use. I have no problem in writing code in different languages or looking in to any possible approach.
most of home router have dynamic DNS facility , you will find it in your router configuration as DDNS and configuration page you will find list of supported DDNS service ,most popular DDNS service is dyndns.org you have to subscribe there and they will give you tow free subdomain like example.dyndns.org , and after configuring that on your router you can easily from any where ping example.dyndns.org to know your router IP
Say if i have the IP of a user x.x.x.x , then using the IP can i track all the activities that the user is doing ? How can i do this ?
how can i check which web pages is the user opening or something similar
please guide
No, you cannot. Traffic is point-to-point and knowing the address of a point is not enough to know the traffic going to/from that point. It's like asking if you can read someones (snail) mail just because you know their house address.
In order to "snoop" that fully, you need to be in the middle where all traffic passes through your node (liking having the postman give you the mail and then you giving it to the owner of the house).
If you have a machine, the traffic from the user is reaching it (e.g. you're connected to the same switch) then probably yes. The most trivial way is using network sniffer (Wireshark for windows, tcpdump for Linux).
However if the used surf SSL secured site (a.k.a https) than you will see only encrypted content
Geolocation is not accurate because the primary source for IP address data is the Regional Internet Registries. They do not hold a database for information about individual IP addresses, but information about ranges of IP addresses that have been assigned to certain organizations. Such an organization has free reign over the IP addresses they get and they do not need to give location information to the RIRs. In other words, only your ISP knows your exact location. If you want to find the location of a user you will have to ask your ISP, and they will most probably deny your request.
You can't sniff packets sent from someone, unless you are part of the same subnet - you would have to be connected to the same switch and be on the same Virtual LAN as that user. Even if you somehow find the physical location of a user and connect to the same switch, the ISP has most likely sat up port security, which would deny access to your MAC address.
In conclusion, unless you are already connected to the same switch, you can't track that user's activities.
If you are connected to the same switch, you can install one of the popular packet sniffer utilities such as Wireshark and set it to promiscuous mode.
i need to find the remote users ip address using asp.net and also i need clarification whether multiusers have same ip address
thanks
Shakthi
Dim userIP As string = Request.UserHostAddress
Edit Caveat - the below is talking about an internet scenario. On a more limited (intranet) network, you may be able to assume a 1-1 User-IP Address mapping
Multiple users may appear to have the same IP address.
The same user may make two requests in a row from different IP addresses.
Whatever you're trying to do, using the users IP address for anything other than logging is probably pointless.