Anyway to retrieve users original ipv4 address?

I’ve figured out how to get the ip address, but its ipv6, which seems unusual. This is to help track it for anti-fraud like too many login attempts, etc. Is there some way to get ipv4 address? I tested on myself, my ISP shows both, but I only see IPV6 in the request headers.

If the user connects with IPv6, there is no IPv4 address to retrieve. If the user is dual-stack then you could try forcing a connection over IPv4 to retrieve something (like putting an image on a server with only IPv4), but that’s about it.

Note that at this point, most end-user IPv4 addresses are shared among many different users (on mobile networks in particular it could be a very large number of users) so they cannot be used to identify unique users. IPv6 addresses, though, will be a lot better for that purpose as they typically aren’t shared.


Let me just clarify, this is in the context of using Cloudflare as reverse proxy. So, the only IP address I see is the one Cloudflare is forwarding in Request.Headers[“X-Forwarded-For”]

Right, and if the user has connected to Cloudflare using IPv6, there is no IPv4 address associated with the connection to put into that header. IPv4 wasn’t used. The user’s device may have an IPv4 address, but there’s no way to know what it is without the user connecting to you using IPv4.


To clarify again, my connection has both ipv4 and ipv6, however, Cloudflare only seems to pass on the ipv6. I’m trying to understand in this common scenario, where 2 IP addresses are present, is it possible to see the IPv4 IP address.

See comment above

1 Like

Think of it this way. Someone has a Snapchat account and a Whatsapp account, and messages you on Snapchat. They have a Whatsapp, but there’s no way for you to know what it is just because they messaged you on Snapchat.


Could you stop replying here, I think you’re not understanding the question. Its quite simple, I just need to collect all IP address data from Cloudflare that they collected from the user. I’m looking for clarification if they have all of it or just some of it. We can only see what Cloudflare sends us, as they are a reverse proxy.

You cannot collect the other IP address from Cloudflare. Cloudflare doesn’t send it because it never connected to Cloudflare!

@i40west has repeatedly attempted to explain this you, with the last example being one that I thought might have finally helped you understand. I don’t know why you are convinced that Cloudflare has another visitor IP that they are not sharing with you, but there is no additional IP.

The only IP Cloudflare can log is the connecting IP which will be either an IPv4 or an IPv6 address, but never both. Your visitor connects using only one address family. When both IPv6 and IPv4 connectivity is available, IPv6 is normally preferred. These means that all your visitors with IPv6 will not make an IPv4 connection for Cloudflare to log any IPv4 address.

You may find it more beneficial to share the problem that you hope to solve by obtaining these non-existent IP addresses.


When I personally go to a what’s my IP site, they all show my ipv4 and ipv6. When I view my ipaddress on my website using clooudflare as reverse proxy, cloudflare sends me only the ipv6, not the ipv4. How are all the ip identification websites able to see both? I also know from my own research that ipv6 is I’m pretty sure impossible to use for regular web surfing, I tried it once and found that only about 5% or less of any websites worked.

The main reason for collecting them is anti-fraud. I want to have some idea if a lot of bad actions are coming from the same or similar IP. Also, I might want yo look them up against a database to see if they are datacenter IP addr, etc.

I would also add, the ipv6 seem a lot less user friendly than IPV4. It is difficult to read then. to see if they are from similar blocks, etc.

That’s done by loading elements from two separate hostnames: one that has only an A record and another that has only a AAAA record. This forces your connection to use the corresponding address family if you have it available. You won’t be able to do this with resources that you proxy through Cloudflare since Cloudflare always publishes an A and a AAAA record for proxied hostnames.

Relying on IPv4 for anti-fraud is not a viable solution on the modern internet. Focusing on finding better methods will be more productive than looking for an address that Cloudflare cannot collect.

1 Like

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.