Is there a way to spoof IP address in CURL

by yakim1
5 replies
I have created software that will add buyer name and email address to an autoresponder without the buyer filling out a form. When I do it in a one pixel iframe in the browser the users IP address is sent to the autoresponder.

However, when using the browser to send this data, when something goes wrong it will stop the rest of the script.

But if I have the server send the data using curl, the servers IP address is sent to the autoresponder which is a violation of the autoresponders terms of service.

Does anyone know how to spoof the users IP address when using curl instead of the server IP address?
#address #curl #spoof
  • Profile picture of the author phpg
    You can't spoof IP address using curl. It's not clear how exactly your iframe works and why it stops the script when something's wrong, but probably that can be fixed.

    http://curl.haxx.se/docs/faq.html#Ca...l_fake_or_hide
    http://stackoverflow.com/questions/5...ess-using-curl
    {{ DiscussionBoard.errors[8925134].message }}
    • Profile picture of the author Zdenek Koukol
      So I suppose that you have list of the IP address of each user. And what you trying to do is to provide those information to "autoresponder"? So you are filling up fields automaticly with visitor name and email. And I suppose that you use iframe which will load those data from your DB and put it there over JAVASCRIPT, right? What about issue with different domains (cross domain security) ? I am not sure if you go correct way.
      Signature

      Check my website ... http://www.becomerichforever.com

      {{ DiscussionBoard.errors[8926744].message }}
      • Profile picture of the author yakim1
        Originally Posted by Zdenek Koukol View Post

        So I suppose that you have list of the IP address of each user. And what you trying to do is to provide those information to "autoresponder"? So you are filling up fields automaticly with visitor name and email. And I suppose that you use iframe which will load those data from your DB and put it there over JAVASCRIPT, right? What about issue with different domains (cross domain security) ? I am not sure if you go correct way.
        What we are doing with the iframe would be as if the user was filling out the opt-in form personally. So we don't have the problem you are suggesting.

        We used a 1 pixel iframe to add an autoresponder form code from the DB to the iframe. This is on the thank you page that the buyer lands on after paying at PayPal. We receive the IPN message from PayPal, which is added to the sales table. When the IPN message is received, we also know the buyer's name and email address.

        That data is added to the form in the iframe and then send to the autoresponder. This method supplies the user's correct IP address to the autoresponder and we have no problems with the autoresponder companies with this method.

        Our problem with this method was 2 fold. The first problem arose 6 years ago when aWeber and Getresponse used a default thank you page that played an audio. Naturally the audio would play even though the user could not see the page because of the 1 pixel iframe.

        The second problem was when we had to load more than one autoresponder form code if more than one person was to receive the buyer's data. If something when wrong with one of the autoresponders the other would not load into the iframe.

        To solve these 2 problems we started to let curl send the data, but now the server IP address is always used. This violates the autoresponder companies terms of service.

        I'm not the actual coder on this project but I believe we are going to try one iframe per autoresponder form being used. This was what I wanted to try. I'm thinking that if something happens to one iframe then that will be the only iftrame affected and the others will still function.

        In the system settings I will have a choice for the admin to either use server or browser to send the emails. That way if something happens to the iframe like the audio example I gave, the admin can switch to the server method and use curl.

        Another reason for doing things this way is so I can control the redirect and take the redirect control away from the autoresponder.

        This control has a lot of advantages. I can put a generic form on a squeeze page and allow my affiliates to connect their autoresponder to the squeeze page. When they use their affiliate link to send traffic to the squeeze page the software will use that affiliates autoresponder form code to send the data from the squeeze page to the affiliate's autoresponder.

        I also have a pdf module that will automatically brand the pdf report given away on the squeeze page with the affiliate's links when downloaded by the new subscriber. Because I control the redirect, I control where the person goes after clicking the submit button.

        It does not matter what redirect the affiliate has set in his autoresponder, the new subscriber will never see that page.

        It is just that when we switched to using curl to send the data, we have not had any functional problems with the system other than not sending the user's IP address but always sending the server's IP address.

        The autoresponders have stopped using and audio on their redirect page now and the multiple iframe idea may solve the problem for us. The only thing we can't hide is the audio that may load in one of the iframes.

        It is easy to get the users IP address so if there is a dependable way to add the user's IP address to the process when using curl then it would become the method of choice.

        I did try some of the suggestions on this page...

        php - cURL ip address - Stack Overflow

        ...but could not get it to work.

        Looking for any suggestions to test.

        Best regards,
        Steve Yakim
        {{ DiscussionBoard.errors[8928981].message }}
        • Profile picture of the author Zdenek Koukol
          Originally Posted by yakim1 View Post

          The second problem was when we had to load more than one autoresponder form code if more than one person was to receive the buyer's data. If something when wrong with one of the autoresponders the other would not load into the iframe.
          How do you loading data to iframe? It is page, or it is JS, which load some data from server?

          And how more people can have access to same data over one page?

          This is what is not to clear to me.

          Do you have some example to show?
          Signature

          Check my website ... http://www.becomerichforever.com

          {{ DiscussionBoard.errors[8929228].message }}
  • Profile picture of the author yakim1
    I did not think there was a way to spoof the IP address in curl. So now I have the browser sending the data and it is functioning without error so far. thanks for everyone's input.

    Best regards,
    Steve Yakim
    {{ DiscussionBoard.errors[8965945].message }}

Trending Topics