Remote ip address

I am going to be using a simple ip limiting system on a site I’m working
on and using php you can get the remote ip simply by calling something
like

<?php echo $REMOTE_ADDR; ?>

Is there a similar method in ruby? I am not using rails, not supported
on the server I’m using. Thanks

El Domingo, 30 de Marzo de 2008, Ben A. escribió:

I am going to be using a simple ip limiting system on a site I’m working
on and using php you can get the remote ip simply by calling something
like

<?php echo $REMOTE_ADDR; ?>

Is there a similar method in ruby? I am not using rails, not supported
on the server I’m using. Thanks

That depends on the Ruby web server you are using. The source IP is
obtained
from the connection Ruby socket (if Ruby handles the conecction) but if
you
are using a web server that is the responsible of handling the TCP
connection
and providing the origin address:port in form of variable and so.

Iñaki Baz C. wrote:

El Domingo, 30 de Marzo de 2008, Ben A. escribió:

I am going to be using a simple ip limiting system on a site I’m working
on and using php you can get the remote ip simply by calling something
like

<?php echo $REMOTE_ADDR; ?>

Is there a similar method in ruby? I am not using rails, not supported
on the server I’m using. Thanks

That depends on the Ruby web server you are using. The source IP is
obtained
from the connection Ruby socket (if Ruby handles the conecction) but if
you
are using a web server that is the responsible of handling the TCP
connection
and providing the origin address:port in form of variable and so.

Apache/1.3.34 Ben-SSL/1.55 is the server info. It goes index.php has a
form that is submitted using GET to /ruby.rb. ruby.rb generates the
content for the page depending on the form input. I’m not sure if I’m
all that clear. It’s not a ruby web server. It’s just a script on a web
server.

El Domingo, 30 de Marzo de 2008, Ben A. escribió:

Apache/1.3.34 Ben-SSL/1.55 is the server info. It goes index.php has a
form that is submitted using GET to /ruby.rb. ruby.rb generates the
content for the page depending on the form input. I’m not sure if I’m
all that clear. It’s not a ruby web server. It’s just a script on a web
server.

So, does PHP call to a Ruby script?

If that, the only way is that PHP passes the source address as a
parameter to
the Ruby script. Note that in your case Ruby is not handling the socket
at
ALL, so it’s no way to get the address IP:port except passing it as
parameter.

Iñaki Baz C. wrote:

El Domingo, 30 de Marzo de 2008, Ben A. escribió:

Apache/1.3.34 Ben-SSL/1.55 is the server info. It goes index.php has a
form that is submitted using GET to /ruby.rb. ruby.rb generates the
content for the page depending on the form input. I’m not sure if I’m
all that clear. It’s not a ruby web server. It’s just a script on a web
server.

So, does PHP call to a Ruby script?

If that, the only way is that PHP passes the source address as a
parameter to
the Ruby script. Note that in your case Ruby is not handling the socket
at
ALL, so it’s no way to get the address IP:port except passing it as
parameter.

Ah. Ok. Thanks.

The remote ip is a CGI parameters. All webservers should set this, you
can
read it with (assuming you use CGI):

require ‘cgi’
$stderr.puts “Remote Addr: #{CGI.new.remote_addr}”

Martin

Martin B. wrote:

The remote ip is a CGI parameters. All webservers should set this, you
can
read it with (assuming you use CGI):

require ‘cgi’
$stderr.puts “Remote Addr: #{CGI.new.remote_addr}”

Martin

Thanks. I simply did the following:

<?php echo "
"; ?>

and then a
ip = cgi[‘ip’] in the ruby script.

Hi,

On Sun, Mar 30, 2008 at 7:24 PM, Ben A. [email protected] wrote:

<?php echo "
"; ?>

and then a
ip = cgi[‘ip’] in the ruby script.

This is dangerous to rely on. From a security point of a view (why do
you
want their IP anyway? question #1.), anyone could just submit a
different
`ip’ value and you’d record that.

See take Martin’s advice as is: CGI.new.remote_addr will return the
address
without it being submitted via the PHP script, hence this line of
`attack’
is eliminated.

Cheers,
Arlen.

Arlen C. wrote:

Hi,

This is dangerous to rely on. From a security point of a view (why do
you
want their IP anyway? question #1.), anyone could just submit a
different
`ip’ value and you’d record that.

See take Martin’s advice as is: CGI.new.remote_addr will return the
address
without it being submitted via the PHP script, hence this line of
`attack’
is eliminated.

Cheers,
Arlen.

Very good point and I’ll consider it. I’m simply using it to get a
general idea of how many times people access it.