Ecko
23:37 [autobots] -!- eckostylez [[email protected]]
How do you know an IP address is a proxy if it hasn't already went through some kind of check?Only on trusted proxies lol.
Post automatically merged:
Not hard to implement mod_remoteip.You can't spoof it if you validated the request came from the proxy in the first place. REMOTE_ADDR is fine if you aren't using a proxy/CDN, sadly most people do these days; so solely relying on REMOTE_ADDR won't do a lot for these setups if you're using it for fingerprinting (every session will be locked to the CDN's IP which breaks your implementation...).