Skip to content

metavida/remote_ip_proxy_scrubber

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

44 Commits

lib

lib

 
 

spec

spec

 
 

.gitignore

.gitignore

 
 

.rspec

.rspec

 
 

.travis.yml

.travis.yml

 
 

Gemfile

Gemfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Rakefile

Rakefile

 
 

remote_ip_proxy_scrubber.gemspec

remote_ip_proxy_scrubber.gemspec

 
 

Repository files navigation

Gem Version Build Status Code Climate Test Coverage

remote_ip Proxy Scrubber

A project that makes it as easy as possible to prevent Rails from logging IP addresses that belong to proxy devices in your HTTP request chain.

Because Rails has pretty dramatically changed how these sorts of IPs are filtered over the years, this project's ultimate goal is to make life easy on as many Rails versions as possible.

Common Use-cases

Usage

Let's say you've got proxy servers running outside of the local network where your Rails/Rack app is running. In this example, we'll say the IP addresses of these proxy servers are in these IP ranges: 17.0.0.4/30, 17.17.0.8/30

Install the gem

Add the following line to your application's Gemfile:

gem 'remote_ip_proxy_scrubber'

Then run bundle install to install the gem.

Rails: Fixing request.remote_ip

Without this gem, calls to request.remote_ip from your Rails app will return the IP addresses from your proxy servers. Adding the code, below, ensures that request.remote_ip will never return the IP addresses of your proxy servers, and assuming the servers that first process requests from your clients is adding an appropriate X-Forwarded-For header, request.remote_ip will return the real IP address of your clients!

# Add the following to config/application.rb or conifg/environments/*.rb

config.middleware.insert_before(Rails::Rack::Logger, RemoteIpProxyScrubber.filter_middleware, [
  "17.0.0.4/30",
  "17.17.0.8/30",
])

Rails: Fixing logs

Oddly enough, even with request.remote_ip returning the correct value, Rails log will still contain IP addresses from your proxy servers. To fix this, you'll need to tell Rails to use a different logger.

# Add the following to config/application.rb or conifg/environments/*.rb

config.middleware.insert_before(Rails::Rack::Logger, RemoteIpProxyScrubber.patched_logger)
config.middleware.delete(Rails::Rack::Logger)

Other Rack Apps: Fixing request.ip

So long as you're using Rack, you can benefit from this gem! Just add the following near the top of your config.ru file:

use RemoteIpProxyScrubber.filter_middleware, [
  "17.0.0.4/30",
  "17.17.0.8/30",
]

Questions? Contributions?

If this gem isn't working for you, feel free to open up an Issue, or a Pull Request if you've got a proposed solution! I maintain this project in my spare time, so your patience is appreciated.

Credit

Thanks to Haiku Learning for sponsoring the initial development of this gem. We're scratching our own itch, but hopefully it's helpful for you too!

About

Make it as easy as possible to prevent Rails from logging IP addresses that belong to proxy devices in your HTTP request chain.

Resources

Readme

License

MIT license
Activity

Stars

16 stars

Watchers

3 watching

Forks

4 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages