Getting clients’ IP address (Real IP) in PHP after installing WAF

When Cloudbric is added to your website, the client’s IP changes to Cloudbric’s IP making it unable to differentiate client IP for incoming traffic. You can fix this in two ways in PHP from the web server.

PHP supports HTTP_X_FORWARDED_FOR and HTTP_X_REAL_IP headers through the definitions within the .PHP web files. The definitions are usually entered in the web page’s configuration files. To obtain the client’s actual IP address, edit a PHP file that is opened when people visit your website. So, configuration files are opened every time a user visits. These files often named: config.php, global.php or defines.php


1. Open the PHP file in the text editor.

2. At the top of the file after <?php, add:


function ipCheck() {
if (getenv('HTTP_X_FORWARDED_FOR')) {
$ip = getenv('HTTP_X_FORWARDED_FOR');

elseif (getenv('HTTP_X_REAL_IP')) {
$ip = getenv('HTTP_X_REAL_IP');

else {

return $ip;
echo ipCheck();


This configures your script to look for the HTTP_X_FORWARDED_FOR and HTTP_X_REAL_IP header, and uses that as the clients IP address instead of logging Cloudbric’s IP. 

If successful, the IP of users connecting through Cloudbric should be visible.

Have more questions? Submit a request


  • Avatar
    Sophia Hey

    Thank you for this good article
    You can find or add more related books here: