Remove From My Forums

Difference between Request.ServerVariables["HTTP_X_FORWARDED_FOR"] and Request.ServerVariables["REMOTE_ADDR"] in .net

Question
0

Sign in to vote

User-609852568 posted

Hi,

What is the difference between Request.ServerVariables["HTTP_X_FORWARDED_FOR"] and Request.ServerVariables["REMOTE_ADDR"] in Asp.Net. I think both are used for showing the system's IP address. then what's the major difference between both? anybody pls explain me clearly.

Regards
Vijay.

Friday, July 27, 2007 3:47 AM

Answers

0

Sign in to vote
User509596457 posted

Request.ServerVariables["HTTP_X_FORWARDED_FOR"] will tell you the IP if the user is behind a proxy server. You should use this first and if the value results in null or "unknown", then use Request.ServerVariables["REMOTE_ADDR"] to determine ip address.
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Friday, July 27, 2007 7:43 AM

All replies

0

Sign in to vote
User509596457 posted

Request.ServerVariables["HTTP_X_FORWARDED_FOR"] will tell you the IP if the user is behind a proxy server. You should use this first and if the value results in null or "unknown", then use Request.ServerVariables["REMOTE_ADDR"] to determine ip address.
- Marked as answer by Anonymous Thursday, October 7, 2021 12:00 AM
Friday, July 27, 2007 7:43 AM
0

Sign in to vote

User-1982247078 posted

Not sure where the REMOTE_ADDR is being filled from, but obviously X-Forwarded-For is from the HTTP request itself and therefore can be easily counterfeit. So recording only HTTP_X_FORWARDED_FOR in case it is present, as suggested, might not be the best idea from the security point of view.

Also, parsing is different, because the X-Forwarded-For is generally comma separated list of addresses.

Friday, July 15, 2011 6:54 AM
0

Sign in to vote

User-605755413 posted

sir...i m not clearly understand your answer plz elobrt is plz sir....

Friday, March 16, 2012 2:34 AM