You are here: Re: Can $_SERVER['REMOTE_ADDR'] be trusted? « PHP « IT news, forums, messages
Re: Can $_SERVER['REMOTE_ADDR'] be trusted?

Posted by Lester Caine on 02/24/05 11:08

Sed wrote:

> Is it possible for hackers to give a fake IP address when visiting a website
> running PHP?
>
> I want to allow certain IP addresses have access to a website (other IP
> addresses not), is it possible for someone (e.g. hacker) to give fake IP
> address? If so, how is the website returned to this someone?
>
> If you have any reference or links on this, please send me!

If you know the addresses you want to allow access, then it will be
reasonably safe, since the hacker would have to have the same list, and
if they have inside information, they are probably already hacking you
by some other route. Almost anything can be faked if they want to, but
they have to know WHAT to fake ;)

If you want to authenticate users and log their IP address, then forget
it. Since most IP addresses are dynamic and the same user could have a
different address each time.

--
Lester Caine
-----------------------------
L.S.Caine Electronic Services

 

Navigation:

[Reply to this message]


Удаленная работа для программистов  •  Как заработать на Google AdSense  •  England, UK  •  статьи на английском  •  PHP MySQL CMS Apache Oscommerce  •  Online Business Knowledge Base  •  DVD MP3 AVI MP4 players codecs conversion help
Home  •  Search  •  Site Map  •  Set as Homepage  •  Add to Favourites

Copyright © 2005-2006 Powered by Custom PHP Programming

Сайт изготовлен в Студии Валентина Петручека
изготовление и поддержка веб-сайтов, разработка программного обеспечения, поисковая оптимизация