Login verification based on the username and password, I have done the php application.
I also want to implement IP address verification. (A user can not log in with two different IP addresses at the same time)
I am thinking, will it be reliable on the production environment? Because some say that the proxy address will only be received by the PHP server. So what?
There are some things to consider:
It is more than possible A legitimate user of your system can share IPs with their ISP, this type of setup is called NAT, a separate request from the same legitimate users can come in a different IP address during the same session, which is more rare But this happens. Also there is a real possibility as a proxy you mentioned.
So be careful about this before implementing such a facility.
Comments
Post a Comment