Home/ Questions/Q 8286199
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-08T11:39:17+00:00

I have read this: How to get the my system's IP address But it’s

  • 0

I have read this:

How to get the my system's IP address

But it’s not really getting at the root problem for me. I need to get the client IP on an internal network, eg, something 192.168.1.7 so that I know if the server is being accessed from an internal location or not.

I’m updating some code that was built some time ago by someone else, and this code snippet is in there:

$octet = explode(".", getenv("REMOTE_ADDR"), 4);

if($octet[0] != 192 && $octet[1] != 168 && $octet[2] != 1) { 
    die("You are unable to view this page from your current location."); 
}

This looks like it’s testing for that internal IP, but on another page with similar code, I get the die message. That code actually shows my IP to be something other than 192.168.1.7(this code’s actually showing my static IP given to me by the ISP):

if($octet[0] != 192 && $octet[1] != 168 && $octet[2] != 1) { 
    die("You are unable to view this page from your current location: " . getenv("REMOTE_ADDR")); 
}

I’m a bit confused because this code seemed to have worked in the past but it isn’t now. I’m not totally sure when it stopped working but based on the code I’m seeing, it shouldn’t have worked in the first place.

NOTE

I should also mention that all the clients needing access to this server are internal (mostly). It’s a CRM with a custom license key module. I want these PHP pages to be accessible to only those clients on the 192.168.1.0 network. But the tricky part is that there is a way to access the non-key system part of the CRM from outside using DNS at a location like this:

crm.my-domain.com

Suffice it to say that those clients accessing the CRM from outside the network, should not have access to the key module; only those clients on the 192.168.1.0 network should be able to see the keys. So if I can get the internal IP I can test for it and show the page.

NOTE 2

I am running a DNS in the network and I have a portforward on the router to the server in question that is <internal_ip> on port 80.

The DNS has an A record like this:

crm_servername    A    192.168.1.20

And it has a CNAME of this:

crm    CNAME    crm_servername.my-domain.com

Do I need more than this or should this work for me? Currently I can access the server in question by the subdomain address but when I get to the pages in question, it still shows an external IP, non-192.168.1.x

My question is, how to set up my DNS zone file such that when I am on the local network, and I go to a server on an IP such as 192.168.1.20, that I stay within the network and don’t get routed out and then back in again? It seems I’m going out and then in, from the ISP static IP, and the server thinks this.

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You could probably make this code work better if you change it to this:

    function is_local($ip) {
    $octet = explode('.', $ip);

    return ($octet[0] == '10' ||
        ($octet[0] == '172' && ((int)$octet[1] >=16 && (int)$octet[1] <= 31)) ||
        ($octet[0] == '192' && $octet[1] == '168')
    );
}

    This code will check if the IP address falls into any of the private network ranges which should mean your client is internal or connected through a VPN.

    That may solve your issue, or it may be too broad. If your IP is showing up as the one from your ISP, then somehow you aren’t on the local network when you think you are or you’re being port-forwarded into the internal network and therefore still show the remote IP address to the server.

    • 0