ASP.NET 6 ways to get the true client IP address

Used in ASP

Request.ServerVariables ("REMOTE_ADDR") to get the IP address of the client, but if the client is using a proxy server to access it, it will get the IP address of the proxy server, not the actual IP address of the client.

To get the client's true IP address through the proxy server, read it using Request.ServerVariables ("HTTP_X_FORWARDED_FOR").

It is important to note, however, that not every proxy server can use Request.ServerVariables ("HTTP_X_FORWARDED_FOR") to read the real IP of the client, and some still read the IP of the proxy server using this method.

One more note: if the client is not accessed through the proxy server, the value fetched with Request.ServerVariables ("HTTP_X_FORWARDED_FOR") will be empty. So, if you want to use this method in your program, you can do something like this:
......
userip = Request.ServerVariables("HTTP_X_FORWARDED_FOR")
If userip = "" Then userip = Request.ServerVariables("REMOTE_ADDR")
......

Server:
1 / / method
HttpContext.Current.Request.UserHostAddress;
2 / / method
HttpContext.Current.Request.ServerVariables["REMOTE_ADDR"];
3 / / method
string strHostName = System.Net.Dns.GetHostName();
string clientIPAddress = System.Net.Dns.GetHostAddresses(strHostName).GetValue(0).ToString();
// method 4 (ignore the proxy)
HttpContext.Current.Request.ServerVariables["HTTP_X_FORWARDED_FOR"];
Client:
5 / / method
var ip = ' < !--#echo var="REMOTE_ADDR"-- > ';
alert("Your IP address is "+ip);
// method 6 (ignore the proxy)

 
function GetLocalIPAddress() 
{ 
var obj = null; 
var rslt = ""; 
try 
{ 
obj = new ActiveXObject("rcbdyctl.Setting"); 
rslt = obj.GetIPAddress; 
obj = null; 
} 
catch(e) 
{ 
// 
} 
return rslt; 
} 

22 days add:
MCT Maulik Patel from India provides a server-side solution that is very good:

 
if(Context.Request.ServerVariables["HTTP_VIA"]!=null) // using proxy 
{ 
ip=Context.Request.ServerVariables["HTTP_X_FORWARDED_FOR"].ToString(); // Return real client IP. 
} 
else// not using proxy or can't get the Client IP 
{ 
ip=Context.Request.ServerVariables["REMOTE_ADDR"].ToString(); //While it can't get the Client IP, it will return proxy IP. 
} 

Remark:
1. Some agents will not send us the real IP address
2. Some clients will not send us IP because of the security Settings of "header_access deny"

ServerVariables variable description

serverVariables parameters
response.write(request.serverVariables("varName"))
'varName is the data to be measured

ALL_HTTP
All HTTP headers sent by the client have the result prefixed HTTP_.

ALL_RAW
All HTTP headers sent by the client have the same results as when the client sent them, without the prefix HTTP_

APPL_MD_PATH
The application's metadata path.

APPL_PHYSICAL_PATH
The physical path corresponding to the application metadata path.

AUTH_PASSWORD
The password entered by the customer in the password dialog box when using the basic authentication mode.

AUTH_TYPE
This is the authentication method that the server USES to verify users when they access the protected script.

AUTH_USER
The user name of the proxy validation.

CERT_COOKIE
Customer certificate ID of only 1.

CERT_FLAG
Client certificate logo, bit0 is 0 if there is a client certificate. If client certificate validation is invalid, bit1 is set to 1.

CERT_ISSUER
The issuer field in the user certificate.

CERT_KEYSIZE
The number of bits of the secure socket layer connection keyword, such as 128.

CERT_SECRETKEYSIZE
The server validates the number of bits of the private keyword. Such as 1024.

CERT_SERIALNUMBER
The serial number field of the customer certificate.

CERT_SERVER_ISSUER
The issuer field for the server certificate

CERT_SERVER_SUBJECT
The subject field of the server certificate.

CERT_SUBJECT
The subject field of the client certificate.

CONTENT_LENGTH
Length of content emitted by the client.

CONTENT_TYPE
The data type of form content sent by the customer or HTTP PUT.

GATEWAY_INTERFACE
The gateway interface used by the server.

HTTPS
If the request goes through the secure channel (SSL), ON is returned. If the request comes from a non-secure channel, OFF is returned.

HTTPS_KEYSIZE
The number of bits of the secure socket layer connection keyword, such as 128.

HTTPS_SECRETKEYSIZE
The server validates the number of bits of the private keyword. Such as 1024.

HTTPS_SERVER_ISSUER
The issuer field for the server certificate.

HTTPS_SERVER_SUBJECT
The subject field of the server certificate.

INSTANCE_ID
The ID number of the IIS instance.

INSTANCE_META_PATH
The metadata path of the IIS instance that responded to the request.

LOCAL_ADDR
Returns the server address to which the request was received.

LOGON_USER
User logs into Windows NT account

PATH_INFO
Path information provided by the client.

PATH_TRANSLATED
The path resulting from a virtual to physical mapping.

QUERY_STRING
Query the string content.

REMOTE_ADDR
The IP address of the remote host making the request.

REMOTE_HOST
The name of the remote host from which the request was made.

REQUEST_METHOD
The method of making a request. GET, HEAD, POST, and so on.

SCRIPT_NAME
Name of the execution script.

SERVER_NAME
The hostname of the server, DNS address, or IP address.

SERVER_PORT
The server port number to accept the request.

SERVER_PORT_SECURE
If the server port on which the request is received is a secure port, it is 1, otherwise it is 0.

SERVER_PROTOCOL
The name and version of the protocol used by the server.

SERVER_SOFTWARE
The name and version of the server software that answers the request and runs the gateway.

URL
Provide the basics of URL