How to Forge Client IP Using PHP

When you are browsing one website or want to get source code of one html page. you may not want website master to know your ip or where you are from, and how to do it? The way we can do is to forge our ip and referer. Source code like below:

 $ch = curl_init();
 curl_setopt($ch, CURLOPT_URL, "http://localhost/test.php");
 curl_setopt($ch, CURLOPT_HTTPHEADER, array('X-FORWARDED-FOR:8.8.8.8', 'CLIENT-IP:8.8.8.8'));//IP
 curl_setopt($ch, CURLOPT_REFERER, "http://www.beginnerlibrary.com/ "); //referer
 curl_setopt($ch, CURLOPT_HEADER, 1);
 $out = curl_exec($ch);
 curl_close($ch);

Note: Source code above Ip and referer are forged by our program.

We can test the effect of our source code. The server program usually check visitors’ ip by source code below:

function getClientIp() {
 if (!empty($_SERVER["HTTP_CLIENT_IP"]))
 $ip = $_SERVER["HTTP_CLIENT_IP"];
 else if (!empty($_SERVER["HTTP_X_FORWARDED_FOR"]))
 $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
 else if (!empty($_SERVER["REMOTE_ADDR"]))
 $ip = $_SERVER["REMOTE_ADDR"];
 else
 $ip = "err";
 return $ip;
 }
 echo "IP: " . getClientIp() . "";
 echo "referer: " . $_SERVER["HTTP_REFERER"];

, ,