Our website uses a php script to capture the IP address of visitors.

Starting on 19 August, this PHP code


started returning 10.195.xxx.xx regardless of where the visitor is located.

Has something changed at Cloudflare or my host GoDaddy?

I’m a just script kiddie, using a script created by a neighborhood teenager ten years ago.

1 Like

If you want to restore the original IP behind Cloudflare with PHP, I would recommend you to implement it something like this:


This will overwrite the $_SERVER['REMOTE_ADDR'] with $_SERVER["HTTP_CF_CONNECTING_IP"] if it exists and is a valid IP. This will then work without any other changes PHP wise, as you can continue to use $_SERVER['REMOTE_ADDR']


Thanks, M4rt1n!

This thread also discusses the issue: environment variables - How to get the client IP address in PHP - Stack Overflow and has similar code.

I appreciate your help.


Well, that’s common practice :slight_smile: But I have not seen the filter_var($_SERVER['HTTP_CF_CONNECTING_IP'], FILTER_VALIDATE_IP) part in there. Which will protect against header modification, if it results in $_SERVER['HTTP_CF_CONNECTING_IP'] not containing a valid IP and therefore probably breaks the page.


This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.