I have Akismet set up to keep spam out as well as keeping all comments for moderation, I initially decided to do some IP blocks seeming as there would be a few that would constantly send spam.
The only problem was that as WordPress only use
$_SERVER['REMOTE_ADDR']
to determine a user’s IP address which as most people who know PHP know it is a bad idea because it doesn’t take into account proxies etc. In my case it was actually giving Servage’s own IP for every result which wasn’t of much use unless I wanted to block comments/trackbacks altogether.
As there’s no documentation that I could find about where WordPress actually contains the code to find the IP and Google wasn’t much help I had to look manually.
I eventually found it in comments.php in the wp-includes directory.
$commentdata['comment_author_IP'] = preg_replace( '/[^0-9a-fA-F:., ]/', '', $_SERVER['REMOTE_ADDR'] );
First to add in the neccessary code a variable must be created, change the above code to this:
$commentdata['comment_author_IP'] = preg_replace( '/[^0-9a-fA-F:., ]/', '',$bp_IP );
Then add the required code above that stating:
$bp_IP = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : $_SERVER['REMOTE_ADDR'];
This allows the correct IP to be shown in most cases, most of the thanks must go to Jason for this.
Update: This piece of code also works in WordPress 2.6x.
Thank you! It work on WP 2.8.0, too! 🙂