An IP address helps Facebook and Google to determine whether someone trying to access your account is in fact you. I’ve seen proxies able to “spoof” the IP address, but that wouldn’t change it to the correct one for access to that account. If someone knew my IP address and password to one of my accounts, would it be possible for someone to spoof their IP address to match mine? Is IP address security like this really safe and would it be good to incorporate it into my php scripts?
An IP address helps Facebook and Google to determine whether someone trying to access
Share
You can’t really spoof an IP effectively because if you do, http responses will go to that IP rather than yours. As such, it’d probably not be the best use of your time. (They can be fake, but they can’t receive the intended data.)
By “receive the intended data”, I mean that if someone at 127.0.9.63 tries to send a login request to Google, and spoofs their IP to be 123.53.53.234, then Google will send the response to 123.53.53.234, not 127.0.9.63. That means that the would-be hacker at 127.0.9.63 never actually receives any data pertaining to your account.
This is a risk (but probably not to you) – it’s a well established way of conducting DDoS (Distributed Denial of Service) attacks. Have a look at this article if you’re curious.