获取PHP中的推荐站点IP地址

Question

I want to implement a referral program for my SaaS product.

The partner will have a link on their website that will direct their user to my signup form:

domain.com/referral/201030

"201030" being the member id from the partner site.

I want to make sure the page request came from my partner site,

I know I could check $_SERVER['HTTP_REFERER'] but that is not secure.

Is there a way I can check the IP address of the site referring the user to my webpage with PHP?

Answer 1

When do you need high security?

For an API for example, you want to track the incoming traffic and make sure only authenticated clients can access the API. This needs higher security standards and exchange of public keys and secrets.

When not?

A referral program doesn't need this kind of security.

The more traffic you have, the better for you. You don't care where the lead is coming from. When I send my partner program link to someone via messenger, there is not even a HTTP_REFERER.

Is it even possible?

It is very difficult impossible to make sure where the user is coming from without serverside interaction, obfuscation and dynamic links.

Any chance?

The only way, using a static link, is $_SERVER['HTTP_REFERER'] . You can downvote the answer now, but it doesn't change the fact that there is no way, with a simple, non-dynamic link like shown in the question.

Turn the referer into an IP

To turn the HTTP_REFERER into an IP:

$urlParts = parse_url($_SERVER['HTTP_REFERER']);
$ip       = gethostbyname($urlParts['host']);

Keep in mind, this is not reliable nor secure in any way.