Comments on: REMOTE_ADDR and REMOTE_HOST not safe for use in security http://chafic.com/2004/04/20/remote_addr-and-remote_host-not-safe-for-use-in-security/ Technical discussion of Flex, Flash, and RIA development Thu, 10 Apr 2008 01:10:25 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Vesa http://chafic.com/2004/04/20/remote_addr-and-remote_host-not-safe-for-use-in-security/comment-page-1/#comment-626 Vesa Wed, 21 Apr 2004 10:29:55 +0000 http://rewindlife.com/?p=159#comment-626 "So if you're thinking about using CGI variables to secure a site, you need to think again. If you need to secure by IP address, then do it at the router and not in application code." Yeah, when talking about security/addressing, it's better do hardware "level" than by using some application coding. Spoofing is pretty easy with Windows machines. I never liked CGI thought ;) “So if you’re thinking about using CGI variables to secure a site, you need to think again. If you need to secure by IP address, then do it at the router and not in application code.”

Yeah, when talking about security/addressing, it’s better do hardware “level” than by using some application coding. Spoofing is pretty easy with Windows machines.

I never liked CGI thought ;)

]]>