如何查看我的网站页面PHP的来源是什么

You can know some things about the request, for example:

1) IP address:

// Read the IP from who is really making the request (a user or a proxy)
$ipAddress = $_SERVER['REMOTE_ADDR'];
// Read the IP that the proxy is telling us making the request.
$ipAddress = isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '';

If the source of the request is behind a proxy, $_SERVER['REMOTE_ADDR'] will have the IP of the proxy, so you can check the HTTP_X_FORWARDED_FOR header but can be easily spoofed, unless you have control of the proxy or is a trusted proxy.

2) User Agent:

// Using global $_SERVER
$userAgent = $_SERVER['HTTP_USER_AGENT'];

// Using get_browser function you can get an array with the information
$arrayBrowserInfo = get_browser($userAgent, true);

The User Agent is easily spoofed too, so you can't trust it's the correct one.

3) Referer:

$referer = isset($_SERVER['HTTP_REFERER']) ? $_SERVER['HTTP_REFERER'] : '';

The referer header is optional and no many browsers send to the XHR Requests.

If you are building an API, depending the use case may you can ask for a mandatory header or parameter in order to tell you more information of who is doing the request (Android App, iOS App, Website, etc.) Obviously, that can be easily spoofed.

So i don't recommend that using for security validations, but if you only want to know in order to log the calls for debug, may be useful.