Express.js: how to get remote client address

node.js express ip ip-address
Erik picture Erik · Jun 1, 2012 · Viewed 292.5k times · Source

I don't completely understand how I should get a remote user IP address.

Let's say I have a simple request route such as:

app.get(/, function (req, res){
   var forwardedIpsStr = req.header('x-forwarded-for');
   var IP = '';

   if (forwardedIpsStr) {
      IP = forwardedIps = forwardedIpsStr.split(',')[0];  
   }
});

Is the above approach correct to get the real user IP address or is there a better way? And what about proxies?

Answer

alessioalex picture alessioalex · Jun 1, 2012

If you are running behind a proxy like NGiNX or what have you, only then you should check for 'x-forwarded-for':

var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;

If the proxy isn't 'yours', I wouldn't trust the 'x-forwarded-for' header, because it can be spoofed.

Related questions

Writing files in Node.js

I've been trying to find a way to write to a file when using Node.js, but with no success. How can I do that?

Read More
How to get GET (query string) variables in Express.js on Node.js?

Can we get the variables in the query string in Node.js just like we get them in $_GET in PHP? I know that in Node.js we can get the URL in the request. Is there a method to …

Read More
Error: Can't set headers after they are sent to the client

I'm fairly new to Node.js and I am having some issues. I am using Node.js 4.10 and Express 2.4.3. When I try to access http://127.0.0.1:8888/auth/facebook, i'll be redirected to http://127.0.0.1:8888/auth/facebook_callback. I then received the following …

Read More