remote ip address

30/03/2008, 00h12

I am going to be using a simple ip limiting system on a site I'm working
on and using php you can get the remote ip simply by calling something
like
<?php echo $REMOTE_ADDR; ?>
Is there a similar method in ruby? I am not using rails, not supported
on the server I'm using. Thanks
--
Posted via http://www.ruby-forum.com/.

30/03/2008, 00h29

El Domingo, 30 de Marzo de 2008, Ben Aroia escribi=C3=B3:
> I am going to be using a simple ip limiting system on a site I'm working
> on and using php you can get the remote ip simply by calling something
> like
> <?php echo $REMOTE_ADDR; ?>
> Is there a similar method in ruby? I am not using rails, not supported
> on the server I'm using. Thanks

That depends on the Ruby web server you are using. The source IP is obtaine=
d=20
from the connection Ruby socket (if Ruby handles the conecction) but if you=
=20
are using a web server that is the responsible of handling the TCP connecti=
on=20
and providing the origin address:port in form of variable and so.

=2D-=20
I=C3=B1aki Baz Castillo

30/03/2008, 00h51

IÃ±aki Baz Castillo wrote:
> El Domingo, 30 de Marzo de 2008, Ben Aroia escribiÃ³:
>> I am going to be using a simple ip limiting system on a site I'm working
>> on and using php you can get the remote ip simply by calling something
>> like
>> <?php echo $REMOTE_ADDR; ?>
>> Is there a similar method in ruby? I am not using rails, not supported
>> on the server I'm using. Thanks
>
> That depends on the Ruby web server you are using. The source IP is
> obtained
> from the connection Ruby socket (if Ruby handles the conecction) but if
> you
> are using a web server that is the responsible of handling the TCP
> connection
> and providing the origin address:port in form of variable and so.

Apache/1.3.34 Ben-SSL/1.55 is the server info. It goes index.php has a
form that is submitted using GET to /ruby.rb. ruby.rb generates the
content for the page depending on the form input. I'm not sure if I'm
all that clear. It's not a ruby web server. It's just a script on a web
server.
--
Posted via http://www.ruby-forum.com/.

30/03/2008, 00h55

El Domingo, 30 de Marzo de 2008, Ben Aroia escribi=C3=B3:

> Apache/1.3.34 Ben-SSL/1.55 is the server info. It goes index.php has a
> form that is submitted using GET to /ruby.rb. ruby.rb generates the
> content for the page depending on the form input. I'm not sure if I'm
> all that clear. It's not a ruby web server. It's just a script on a web
> server.

So, does PHP call to a Ruby script?

If that, the only way is that PHP passes the source address as a parameter =
to=20
the Ruby script. Note that in your case Ruby is not handling the socket at=
=20
ALL, so it's no way to get the address IP:port except passing it as=20
parameter.

=2D-=20
I=C3=B1aki Baz Castillo

30/03/2008, 00h57

IÃ±aki Baz Castillo wrote:
> El Domingo, 30 de Marzo de 2008, Ben Aroia escribiÃ³:
>
>> Apache/1.3.34 Ben-SSL/1.55 is the server info. It goes index.php has a
>> form that is submitted using GET to /ruby.rb. ruby.rb generates the
>> content for the page depending on the form input. I'm not sure if I'm
>> all that clear. It's not a ruby web server. It's just a script on a web
>> server.
>
> So, does PHP call to a Ruby script?
>
> If that, the only way is that PHP passes the source address as a
> parameter to
> the Ruby script. Note that in your case Ruby is not handling the socket
> at
> ALL, so it's no way to get the address IP:port except passing it as
> parameter.

Ah. Ok. Thanks.
--
Posted via http://www.ruby-forum.com/.

30/03/2008, 09h08

The remote ip is a CGI parameters. All webservers should set this, you can=
=20
read it with (assuming you use CGI):

require 'cgi'
$stderr.puts "Remote Addr: #{CGI.new.remote_addr}"

Martin

On Sunday 30 March 2008 00:51:25 Ben Aroia wrote:
> I=C3=B1aki Baz Castillo wrote:
> > El Domingo, 30 de Marzo de 2008, Ben Aroia escribi=C3=B3:
> >> I am going to be using a simple ip limiting system on a site I'm worki=
ng
> >> on and using php you can get the remote ip simply by calling something
> >> like
> >> <?php echo $REMOTE_ADDR; ?>
> >> Is there a similar method in ruby? I am not using rails, not supported
> >> on the server I'm using. Thanks
> >
> > That depends on the Ruby web server you are using. The source IP is
> > obtained
> > from the connection Ruby socket (if Ruby handles the conecction) but if
> > you
> > are using a web server that is the responsible of handling the TCP
> > connection
> > and providing the origin address:port in form of variable and so.
>
> Apache/1.3.34 Ben-SSL/1.55 is the server info. It goes index.php has a
> form that is submitted using GET to /ruby.rb. ruby.rb generates the
> content for the page depending on the form input. I'm not sure if I'm
> all that clear. It's not a ruby web server. It's just a script on a web
> server.

30/03/2008, 09h24

Martin Boese wrote:
> The remote ip is a CGI parameters. All webservers should set this, you
> can
> read it with (assuming you use CGI):
>
> require 'cgi'
> $stderr.puts "Remote Addr: #{CGI.new.remote_addr}"
>
> Martin

Thanks. I simply did the following:
<?php
echo "<input type=\"hidden\" name = \"ip\" value=\"".$REMOTE_ADDR."\" />
<br />";
?>
and then a
ip = cgi['ip'] in the ruby script.
--
Posted via http://www.ruby-forum.com/.

30/03/2008, 09h30

[Note: parts of this message were removed to make it a legal post.]

Hi,

On Sun, Mar 30, 2008 at 7:24 PM, Ben Aroia <benaroia@gmail.com> wrote:

> <?php
> echo "<input type=\"hidden\" name = \"ip\" value=\"".$REMOTE_ADDR."\" />
> <br />";
> ?>
> and then a
> ip = cgi['ip'] in the ruby script.
>

This is dangerous to rely on. From a security point of a view (why do you
want their IP anyway? question #1.), anyone could just submit a different
`ip' value and you'd record that.

See take Martin's advice as is: CGI.new.remote_addr will return the address
without it being submitted via the PHP script, hence this line of `attack'
is eliminated.

Cheers,
Arlen.

30/03/2008, 09h37

Arlen Cuss wrote:
> Hi,
>....
> This is dangerous to rely on. From a security point of a view (why do
> you
> want their IP anyway? question #1.), anyone could just submit a
> different
> `ip' value and you'd record that.
>
> See take Martin's advice as is: CGI.new.remote_addr will return the
> address
> without it being submitted via the PHP script, hence this line of
> `attack'
> is eliminated.
>
> Cheers,
> Arlen.

Very good point and I'll consider it. I'm simply using it to get a
general idea of how many times people access it.
--
Posted via http://www.ruby-forum.com/.

30/03/2008, 00h29	#2
IÃ±aki Baz Castillo Messages: n/a Hébergeur:	Re: remote ip address El Domingo, 30 de Marzo de 2008, Ben Aroia escribi=C3=B3: > I am going to be using a simple ip limiting system on a site I'm working > on and using php you can get the remote ip simply by calling something > like > <?php echo $REMOTE_ADDR; ?> > Is there a similar method in ruby? I am not using rails, not supported > on the server I'm using. Thanks That depends on the Ruby web server you are using. The source IP is obtaine= d=20 from the connection Ruby socket (if Ruby handles the conecction) but if you= =20 are using a web server that is the responsible of handling the TCP connecti= on=20 and providing the origin address:port in form of variable and so. =2D-=20 I=C3=B1aki Baz Castillo

30/03/2008, 00h51	#3
Ben Aroia Messages: n/a Hébergeur:	Re: remote ip address IÃ±aki Baz Castillo wrote: > El Domingo, 30 de Marzo de 2008, Ben Aroia escribiÃ³: >> I am going to be using a simple ip limiting system on a site I'm working >> on and using php you can get the remote ip simply by calling something >> like >> <?php echo $REMOTE_ADDR; ?> >> Is there a similar method in ruby? I am not using rails, not supported >> on the server I'm using. Thanks > > That depends on the Ruby web server you are using. The source IP is > obtained > from the connection Ruby socket (if Ruby handles the conecction) but if > you > are using a web server that is the responsible of handling the TCP > connection > and providing the origin address:port in form of variable and so. Apache/1.3.34 Ben-SSL/1.55 is the server info. It goes index.php has a form that is submitted using GET to /ruby.rb. ruby.rb generates the content for the page depending on the form input. I'm not sure if I'm all that clear. It's not a ruby web server. It's just a script on a web server. -- Posted via http://www.ruby-forum.com/.

30/03/2008, 00h55	#4
IÃ±aki Baz Castillo Messages: n/a Hébergeur:	Re: remote ip address El Domingo, 30 de Marzo de 2008, Ben Aroia escribi=C3=B3: > Apache/1.3.34 Ben-SSL/1.55 is the server info. It goes index.php has a > form that is submitted using GET to /ruby.rb. ruby.rb generates the > content for the page depending on the form input. I'm not sure if I'm > all that clear. It's not a ruby web server. It's just a script on a web > server. So, does PHP call to a Ruby script? If that, the only way is that PHP passes the source address as a parameter = to=20 the Ruby script. Note that in your case Ruby is not handling the socket at= =20 ALL, so it's no way to get the address IP:port except passing it as=20 parameter. =2D-=20 I=C3=B1aki Baz Castillo

30/03/2008, 00h57	#5
Ben Aroia Messages: n/a Hébergeur:	Re: remote ip address IÃ±aki Baz Castillo wrote: > El Domingo, 30 de Marzo de 2008, Ben Aroia escribiÃ³: > >> Apache/1.3.34 Ben-SSL/1.55 is the server info. It goes index.php has a >> form that is submitted using GET to /ruby.rb. ruby.rb generates the >> content for the page depending on the form input. I'm not sure if I'm >> all that clear. It's not a ruby web server. It's just a script on a web >> server. > > So, does PHP call to a Ruby script? > > If that, the only way is that PHP passes the source address as a > parameter to > the Ruby script. Note that in your case Ruby is not handling the socket > at > ALL, so it's no way to get the address IP:port except passing it as > parameter. Ah. Ok. Thanks. -- Posted via http://www.ruby-forum.com/.

30/03/2008, 09h08	#6
Martin Boese Messages: n/a Hébergeur:	Re: remote ip address The remote ip is a CGI parameters. All webservers should set this, you can= =20 read it with (assuming you use CGI): require 'cgi' $stderr.puts "Remote Addr: #{CGI.new.remote_addr}" Martin On Sunday 30 March 2008 00:51:25 Ben Aroia wrote: > I=C3=B1aki Baz Castillo wrote: > > El Domingo, 30 de Marzo de 2008, Ben Aroia escribi=C3=B3: > >> I am going to be using a simple ip limiting system on a site I'm worki= ng > >> on and using php you can get the remote ip simply by calling something > >> like > >> <?php echo $REMOTE_ADDR; ?> > >> Is there a similar method in ruby? I am not using rails, not supported > >> on the server I'm using. Thanks > > > > That depends on the Ruby web server you are using. The source IP is > > obtained > > from the connection Ruby socket (if Ruby handles the conecction) but if > > you > > are using a web server that is the responsible of handling the TCP > > connection > > and providing the origin address:port in form of variable and so. > > Apache/1.3.34 Ben-SSL/1.55 is the server info. It goes index.php has a > form that is submitted using GET to /ruby.rb. ruby.rb generates the > content for the page depending on the form input. I'm not sure if I'm > all that clear. It's not a ruby web server. It's just a script on a web > server.

30/03/2008, 00h12	#1
Ben Aroia Messages: n/a Hébergeur:	remote ip address I am going to be using a simple ip limiting system on a site I'm working on and using php you can get the remote ip simply by calling something like <?php echo $REMOTE_ADDR; ?> Is there a similar method in ruby? I am not using rails, not supported on the server I'm using. Thanks -- Posted via http://www.ruby-forum.com/.

30/03/2008, 09h24	#7
Ben Aroia Messages: n/a Hébergeur:	Re: remote ip address Martin Boese wrote: > The remote ip is a CGI parameters. All webservers should set this, you > can > read it with (assuming you use CGI): > > require 'cgi' > $stderr.puts "Remote Addr: #{CGI.new.remote_addr}" > > Martin Thanks. I simply did the following: <?php echo "<input type=\"hidden\" name = \"ip\" value=\"".$REMOTE_ADDR."\" /> <br />"; ?> and then a ip = cgi['ip'] in the ruby script. -- Posted via http://www.ruby-forum.com/.

30/03/2008, 09h30	#8
Arlen Cuss Messages: n/a Hébergeur:	Re: remote ip address [Note: parts of this message were removed to make it a legal post.] Hi, On Sun, Mar 30, 2008 at 7:24 PM, Ben Aroia <benaroia@gmail.com> wrote: > <?php > echo "<input type=\"hidden\" name = \"ip\" value=\"".$REMOTE_ADDR."\" /> > <br />"; > ?> > and then a > ip = cgi['ip'] in the ruby script. > This is dangerous to rely on. From a security point of a view (why do you want their IP anyway? question #1.), anyone could just submit a different `ip' value and you'd record that. See take Martin's advice as is: CGI.new.remote_addr will return the address without it being submitted via the PHP script, hence this line of `attack' is eliminated. Cheers, Arlen.

30/03/2008, 09h37	#9
Ben Aroia Messages: n/a Hébergeur:	Re: remote ip address Arlen Cuss wrote: > Hi, >.... > This is dangerous to rely on. From a security point of a view (why do > you > want their IP anyway? question #1.), anyone could just submit a > different > `ip' value and you'd record that. > > See take Martin's advice as is: CGI.new.remote_addr will return the > address > without it being submitted via the PHP script, hence this line of > `attack' > is eliminated. > > Cheers, > Arlen. Very good point and I'll consider it. I'm simply using it to get a general idea of how many times people access it. -- Posted via http://www.ruby-forum.com/.

Outils de la discussion
Afficher une version imprimable Envoyer un lien vers cette page par email