Best way to get the IP address of client is req.ip or req.connection.remoteAddress?

Question

I'm wondering what the best way to get the IP Address of a client from my express application is, as SOF and docs show req.ip & req.connection.remoteAddress. Not sure what the difference is and which is the one I should use.

Answer 1

req.ip will try to resolve the actual client IP-address by also taking into account headers that are set by proxy servers indicating the origin (client) of the request (although this will only be done if the trust proxy setting is explicitly enabled).

req.connection.remoteAddress will contain the IP-address of the client making the request, which in case of a proxy server will be the proxy's IP-address and not the one from the client on whose behalf the proxy is forwarding the request.

If you're using a reverse proxy that is forwarding requests to your Express server, req.ip and enabling trust proxy is the best solution. Otherwise, just plain req.ip will still do.

Answer 2

best way to get users IP is req.headers['x-forwarded-for'] || req.connection.remoteAddress;

like this var ip = req.headers['x-forwarded-for'] || req.connection.remoteAddress;

because may be you will use middleware (or most common used proxy) servers (like Cloudflare) for security reasons and if you use req.connection.remoteAddress it will send your middleware servers IP address everytime, but you can use x-forwarded-for header and req.connection.remoteAddress or req.ip together.

for more information read about x-forwarded-for http header

EDIT

as mentioned in comments below best practice to use req.ip || req.connection.remoteAddress; because even if you use app without proxy, in future you can use it with proxy, and with method above you can use your application without changing it.