diff --git a/api.php b/api.php
index 098c6c60..5a78eb6d 100644
--- a/api.php
+++ b/api.php
@@ -4,9 +4,9 @@ include("functions.php");
 include("config.php");
 // Get user IP
-$ip = mysqli_real_escape_string($mysqli,get_ip());
+$ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip()));
 // Get user agent
-$user_agent = mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']);
+$user_agent = stip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
 // Check API key is provided in GET request as 'api_key'
 if(!isset($_GET['api_key']) OR empty($_GET['api_key'])) {
diff --git a/api/v1/validate_api_key.php b/api/v1/validate_api_key.php
index 16d3af63..01695ae8 100644
--- a/api/v1/validate_api_key.php
+++ b/api/v1/validate_api_key.php
@@ -7,9 +7,9 @@ include(__DIR__ . "../../../config.php");
 header('Content-Type: application/json');
 // Get user IP
-$ip = mysqli_real_escape_string($mysqli,get_ip());
+$ip = strip_tags(mysqli_real_escape_string($mysqli,get_ip()));
 // Get user agent
-$user_agent = mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']);
+$user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));
 // Setup return array
 $return_arr = array();
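Review bot: In the api.php hunk the new `$user_agent` line calls `stip_tags`, which is not a PHP function; the `$ip` line above it and both added lines in api/v1/validate_api_key.php spell it `strip_tags`. As written, api.php would stop with an undefined-function error on that line, before the API-key check that follows it in the hunk. The line should read `$user_agent = strip_tags(mysqli_real_escape_string($mysqli,$_SERVER['HTTP_USER_AGENT']));`. `php -l` only checks syntax and would not report this, so a static-analysis pass or a request-level smoke test of api.php is worth adding before merge; the script continues outside the hunk.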
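Review bot: `strip_tags()` on the `$ip` and `$user_agent` lines of api/v1/validate_api_key.php (and on the matching lines in api.php) removes markup but does not encode quotes or `&`, so it does not replace output encoding if these values are later rendered inside an HTML attribute; where they are displayed is not visible in this diff. It is also applied after `mysqli_real_escape_string()`, whereas SQL escaping is normally the last transformation before the query. A more robust shape is to store the raw value through a prepared statement and encode on display with `htmlspecialchars($user_agent, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8')`, and to validate the address with `filter_var($ip, FILTER_VALIDATE_IP)`, since `get_ip()` is defined outside this diff and may read client-supplied headers. `$_SERVER['HTTP_USER_AGENT']` is read without a default, so `$_SERVER['HTTP_USER_AGENT'] ?? ''` would cover requests that send no User-Agent header.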