>> > Normaly I can log user's IP address using os.environ["REMOTE_ADDR"] . >> > If a user is behind a proxy, I will log proxy's IP address only. >> > Is there a way how to find a real IP user's address? >> >> os.environ["HTTP_X_FORWARDED_FOR"] >> >> (but that can easily be spoofed, and is mostly meaningless if the user >> uses local IP addresses at the other side of the proxy, so you should >> use it with care)
> How can be HTTP_X_FORWARDED_FOR easily spoofed? I thought that IP > address is not possible change. I can setup my browser to always send you a fake HTTP_X_FORWARDED_FOR header. -- damjan -- http://mail.python.org/mailman/listinfo/python-list
