function ip_address

Returns the IP address of the client machine.

If Drupal is behind a reverse proxy, we use the X-Forwarded-For header instead of $_SERVER['REMOTE_ADDR'], which would be the IP address of the proxy server, and not the client's. The actual header name can be configured by the reverse_proxy_header variable.

Return value

IP address of client machine, adjusted for reverse proxy and/or cluster environments.

23 calls to ip_address()
BootstrapIPAddressTestCase::testIPAddressHost in modules/simpletest/tests/bootstrap.test
test IP Address and hostname
CommentActionsTestCase::testCommentPublishUnpublishHooks in modules/comment/comment.test
Test comment publish and unpublish hooks.
CommentInterfaceTest::setEnvironment in modules/comment/comment.test
Re-configures the environment, module settings, and user permissions.
CommentInterfaceTest::testCommentNewCommentsIndicator in modules/comment/comment.test
Tests new comment marker.
comment_save in modules/comment/comment.module
Accepts a submission of new or changed comment content.

... See full list

4 string references to 'ip_address'
BootstrapIPAddressTestCase::setUp in modules/simpletest/tests/bootstrap.test
Sets up a Drupal site for running functional and integration tests.
BootstrapIPAddressTestCase::tearDown in modules/simpletest/tests/bootstrap.test
Delete created files and temporary files directory, delete the tables created by setUp(), and reset the database prefix.
BootstrapIPAddressTestCase::testIPAddressHost in modules/simpletest/tests/bootstrap.test
test IP Address and hostname
IPAddressBlockingTestCase::testDuplicateIpAddress in modules/system/system.test
Test duplicate IP addresses are not present in the 'blocked_ips' table.


includes/, line 3286


function ip_address() {
    $ip_address =& drupal_static(__FUNCTION__);
    if (!isset($ip_address)) {
        $ip_address = $_SERVER['REMOTE_ADDR'];
        if (variable_get('reverse_proxy', 0)) {
            $reverse_proxy_header = variable_get('reverse_proxy_header', 'HTTP_X_FORWARDED_FOR');
            if (!empty($_SERVER[$reverse_proxy_header])) {
                // If an array of known reverse proxy IPs is provided, then trust
                // the XFF header if request really comes from one of them.
                $reverse_proxy_addresses = variable_get('reverse_proxy_addresses', array());
                // Turn XFF header into an array.
                $forwarded = explode(',', $_SERVER[$reverse_proxy_header]);
                // Trim the forwarded IPs; they may have been delimited by commas and spaces.
                $forwarded = array_map('trim', $forwarded);
                // Tack direct client IP onto end of forwarded array.
                $forwarded[] = $ip_address;
                // Eliminate all trusted IPs.
                $untrusted = array_diff($forwarded, $reverse_proxy_addresses);
                if (!empty($untrusted)) {
                    // The right-most IP is the most specific we can trust.
                    $ip_address = array_pop($untrusted);
                else {
                    // All IP addresses in the forwarded array are configured proxy IPs
                    // (and thus trusted). We take the leftmost IP.
                    $ip_address = array_shift($forwarded);
    return $ip_address;

Buggy or inaccurate documentation? Please file an issue. Need support? Need help programming? Connect with the Drupal community.