HoneyPot using JavaScript

<form ... >
<input type="hidden" name="nojs" id="nojs" />
if (isset($_REQUEST['nojs'])) {
// It is a BOT

Upgrade PHP 5.6 to PHP 7 on CentOS7 (VestaCP)


CentOS 7:
wget https://dl.fedoraproject.org/pub/epel/epel-release-latest-7.noarch.rpm
wget http://rpms.remirepo.net/enterprise/remi-release-7.rpm
rpm -Uvh remi-release-7.rpm epel-release-latest-7.noarch.rpm

yum install yum-utils
For PHP 7.2: yum-config-manager –enable remi-php72
For PHP 7.3: yum-config-manager –enable remi-php73
yum update -y

PHP getRealIpAddress Function

HTTP_X_FORWARDED_FOR can have multiple IPs like,

function getRealIpAddr()  
    if (!empty($_SERVER['HTTP_CLIENT_IP']))  
    elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR']))
    return $ip;  

Get User IP using PHP

 $client  = $_SERVER['HTTP_CLIENT_IP'];
 $remote  = $_SERVER['REMOTE_ADDR'];

What is the difference between HTTP_CLIENT_IP and HTTP_X_FORWARDED_FOR? – it is impossible to say. Different proxies may implement these, or may not. The implementations may vary from one proxy to the next, and they may not. A lack of a standard breeds question marks.
If more than one proxy was involved – the X-Forwarded-For: header might then contain a complete track of the forwarding chain, whereas the Client-IP: header would contain the actual client IP. This is pure speculation, however.