Grab users' IP address on Glitch with Cloudflare

Hey gamers, I’m trying to do something similar to http://bot.whatismyipaddress.com

I’m using node.js/express.js. When using req.ip or req.ips, it gives me the reverse proxy Glitch IP since I’m using a custom domain. I’m trying to get the IP of who ever visited my site.

I know /cdn-cgi/trace exists, but I honestly don’t want to fiddle about with that!

Thanks,
:heart: - Will

That returns the reverse proxy IP address.

Are you using a custom domain?

Yes, forgot to mention that! If I don’t use a custom domain, it works perfectly fine.

I’d really like to know this too. :slight_smile:

Title says you are using cloudflare - If so, Cloudflare have their own methods for this. Not sure if there is one for nodejs but there is for apache
https://support.cloudflare.com/hc/en-us/sections/200805497-Restoring-Visitor-IPs

Here’s a method with express. It’s using a package for cloudflare and express. Install via npm. Using that code an package it adds a new paramater to the request accessible via:

req.cf_ip

Here’s the code: https://www.npmjs.com/package/cloudflare-express
Found via: https://stackoverflow.com/a/52027026
Google is a really good tool people. Multiple answers on restoring cloudflare visitor ips using a variety of network architecture and languages

1 Like

This also returns the reverse proxy IPV6 on a custom domain, however it works on the normal project-name.glitch.me.

Ah. Looks like fly.io or glitch must be messing with the IPs and not Cloudflare. Might be one for support@glitch.com. You could contact fly.io but I doubt they’d care

They all seem to need sudo. Maybe a feature idea?

This might be a fix in php:

<?php if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];?>


It works!!!

https://riverside.rocks/ip0

I got a 404. :slightly_frowning_face:

Yep. Just got the same error just now

Try now, it should work.

CloudFlare also has a setting where it will return the clients true IP in a header, but that’s a paid setting.

Still, a 404. And how did you get all of those dev details?

Updated the link, try now lol

What do you mean by dev details?