If I block users with a blank IP address, will that affect innocent, non-technical users?

Question

I run a website with an anonymous commenting feature. Users can flag each other for abuse; flags are tied to an IP address (grabbed via PHP from $_SERVER['REMOTE_ADDR']).

I've noticed that 99% of the flags are for a blank IP.

I'm thinking of putting up a message saying "An IP address is required to comment" and disallowing blank IPs.

For a computer-savvy person who is non-malicious but just wants privacy, I'm not too concerned. They can decide for themselves if they value privacy or the ability to comment more.

What I'm concerned about is blocking a non-technical and non-malicious user who doesn't realize that they don't have an IP address, and is thus confused when they are unable to comment. Is there any scenario in which this might occur?

Answer 1

Rule #1 of IP-based networks. Everyone communicating on it has an IP. You can masquerade it through a 3rd party, but you still have a public IP. There are no exceptions. The Internet is an IP-based network. I suspect you have some bad logic in your code someplace.

Answer 2

It is also possible that those variables are just not returning the expected results, and thus are blank. You could try something like this:

 if ($_SERVER["HTTP_X_FORWARDED_FOR"]) {
   if ($_SERVER["HTTP_CLIENT_IP"]) {
    $proxy = $_SERVER["HTTP_CLIENT_IP"];
  } else {
    $proxy = $_SERVER["REMOTE_ADDR"];
  }
  $ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
} else {
  if ($_SERVER["HTTP_CLIENT_IP"]) {
    $ip = $_SERVER["HTTP_CLIENT_IP"];
  } else {
    $ip = $_SERVER["REMOTE_ADDR"];
  }
}

echo "Your IP $ip<BR>\n";
if (isset($proxy)) {
  echo "Your proxy IP is $proxy<BR>\n";
}

As gleaned from the PHP manual page at: http://www.php.net/manual/en/language.variables.predefined.php#31724