-
Notifications
You must be signed in to change notification settings - Fork 869
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
show X-Forwarded-For ip header on rainloop auth logs behind haproxy #1849
Comments
Is this in the works? |
this would make fail2ban more useful when rainloop is behind a reverse proxy, eg. nginx |
it looks like this is at least partly implemented as a "lab" feature with
i will experiment with this setting in the afternoon. |
actually, i just verified that this works. you will need to set |
**RainLoop version1.12.1, browser Mozilla Firefox 65.0.2 , OS:Windows 10 on client side, on the server Ubuntu Linux working fine, behind haproxy
Expected behavior and actual behavior:
i want to tell ha proxy showme the, now it show the haproxy ip not the X-Forwarded-For header.
i want make some how to block more of 3 or 5 failled logins
LogFormat "%{X-Forwarded-For}i %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"" combined
but rainlop auths logs are show to me the haproxy ip
Steps to reproduce the problem:
Logs or screenshots:
apche log showing real ip client:
200.55.xxx.xxx - - [15/Mar/2019:15:17:44 -0500] "GET /?/Ajax/&q[]=/_ouGQQPoG93XHTEm_pVHseebg_ZeUUNY73NmR7SwR7AOtPXCOA-8lJ0imL_AJN8mugLM5tlwKcrISWtii1fZkDvo7bLFmA7i1gyoMeOk5vTh-VoAj26wsE18oINZKpo0XMdmNPhbRuNBI5MEtv1Gghu37Ihu6hKHLzt1byKwrHubvjsDOsOu3gdb5K15AM6ZyLZnt7XfU_gatuSx-FY9gdB3Uk28Nhaq__s6VFcr2XNxTZ_9pwy6ZS386KQ7BgGRrB5MZzD44ZN2yON3b__PvKLkwYSYUpKsEPOIFrjIaFI_KMj8SdqIVOrQd-f5qaa2spTihV7o0xVgXGc5D/MessageList/&q[]=/SU5CT1gAMAAyMAAANDA2YTQxMzVhYjJkODBlY2FhZGIwZDU0NjE5OWE3YTQAZWJkM2MxOWQ4ODJmYTIzNjYyMDI2N2MzYzE3MmM2ZmQANTE0OTUAMAA HTTP/1.1" 200 34383 "https://webmail.domain/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:65.0) Gecko/20100101 Firefox/65.0"
rainloop log showing haproxy ip:
[20:18:33.651][7d2b2611] INFO[DATA]: [DATE:15.03.19][OFFSET:-00][RL:1.12.1][PHP:7.2.15-0ubuntu0.18.04.1][172.20.20.13][PID:13079][Apache/2.4.29 (Ubuntu)][apache2handler]
[20:18:33.651][7d2b2611] INFO[DATA]: [Suhosin:off][APC:off][MB:on][PDO:mysql][Streams:tcp,udp,unix,udg,ssl,tls,tlsv1.0,tlsv1.1,tlsv1.2]
[20:18:33.651][7d2b2611] REQUEST[NOTE]: [POST] https://webmail.domain/?/Ajax/&q[]=/0/
[20:18:33.651][7d2b2611] AJAX[NOTE]: Action: DoLogin
[20:18:33.651][7d2b2611] POST[DATA]: {"Email":"swd","Login":"","Password":"*******","Language":"","AdditionalCode":"","AdditionalCodeSignMe":"0","SignMe":"0","Action":"Login","XToken":"9364dabc0438d16fd4a85b0530b9c599"}
[20:18:33.651][7d2b2611] LOGIN[DATA]: The email address "swd" is not complete
[20:18:34.652][7d2b2611] INFO[NOTICE]: RainLoop\Exceptions\ClientException: InvalidInputArgument[903] in /var/www/mailweb/rainloop/v/1.12.1/app/libraries/RainLoop/Actions.php:2232
The text was updated successfully, but these errors were encountered: