aot2002
asked on
help curl headers
im trying to open a webpage with a fake ip on my own server for testing my logs in apache access.log
but it still shows my real ip in apaches logs ?
echo file_get_contents_as_mozil la("http://www.my_domains_ip_is.com"); //not a real url
function file_get_contents_as_mozil la($url) {
// create a new curl resource
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_USERAGENT, 'Internet Explorer/6.0 (X11; U; Windows XP SP2; en-US; rv:1.7.2) Gecko/20040804');
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Accept-Language: en-us,en;q=0.7,de-de;q=0.3 ',
'Accept: text/xml,application/xml,a pplication /xhtml+xml ,text/html ;q=0.9,tex t/plain;q= 0.8,image/ png,*/*;q= 0.5',
'X-Forwarded-For: 78.234.34.41'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
// close curl resource, and free up system resources
curl_close($ch);
return $page;
}
but it still shows my real ip in apaches logs ?
echo file_get_contents_as_mozil
function file_get_contents_as_mozil
// create a new curl resource
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_USERAGENT, 'Internet Explorer/6.0 (X11; U; Windows XP SP2; en-US; rv:1.7.2) Gecko/20040804');
curl_setopt($ch, CURLOPT_HTTPHEADER, array(
'Accept-Language: en-us,en;q=0.7,de-de;q=0.3
'Accept: text/xml,application/xml,a
'X-Forwarded-For: 78.234.34.41'));
curl_setopt($ch, CURLOPT_RETURNTRANSFER,1);
// close curl resource, and free up system resources
curl_close($ch);
return $page;
}
Why would it be that simple to spoof the ip address? If you really want to test something in the logs, spoof the UserAgent. While there are ways to spoof the IP address, there's really no legitimate reason for doing so. And if I, or anyone else, were to post on here how to do it, it would provide tons of wannabe hackers with details of how to attack websites from a spoofed IP address.
ASKER
ClickCentric,
its not simple thats why im asking.
there is a legitimate reason im testing a custom ip blocking program for my site security...!
i understand your unsure but lets allow someone else to answer it.
its not simple thats why im asking.
there is a legitimate reason im testing a custom ip blocking program for my site security...!
i understand your unsure but lets allow someone else to answer it.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
i found out how it was done thanks anyway i wont post it so it doesnt upset EE rules
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.