Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Log the remote IP addr of clients behind a proxy #33489

Merged
merged 1 commit into from Jul 31, 2018

Conversation

Projects
None yet
4 participants
@Atul9
Copy link
Contributor

Atul9 commented Jul 31, 2018

If Rails is behind a proxy server, the log will show the IP address of the proxy for each request, rather than the remote IP address. I feel that this information is rarely if ever useful.

My change makes the logger use request.remote_ip, which makes a smart guess at the remote IP address by considering CLIENT_IP / X_FORWARDED_FOR and checking against the list of trusted proxies.

Closes #7979

@rails-bot

This comment has been minimized.

Copy link

rails-bot commented Jul 31, 2018

Thanks for the pull request, and welcome! The Rails team is excited to review your changes, and you should hear from @georgeclaghorn (or someone else) soon.

If any changes to this PR are deemed necessary, please add them as extra commits. This ensures that the reviewer can see what has changed since they last reviewed the code. Due to the way GitHub handles out-of-date commits, this should also make it reasonably obvious what issues have or haven't been addressed. Large or tricky changes may require several passes of review and changes.

This repository is being automatically checked for code quality issues using Code Climate. You can see results for this analysis in the PR status below. Newly introduced issues should be fixed before a Pull Request is considered ready to review.

Please see the contribution instructions for more information.

@Atul9

This comment has been minimized.

Copy link
Contributor Author

Atul9 commented Jul 31, 2018

@sikachu This PR Refers to #24521 updated with the latest master.

@Atul9 Atul9 force-pushed the Atul9:remote-ip branch Jul 31, 2018

@sikachu
Copy link
Member

sikachu left a comment

Do you mind if I ask you to update commit message to add credit, based on the name in https://patch-diff.githubusercontent.com/raw/rails/rails/pull/24521.patch and force push to this branch?

It should read:

Log the remote IP addr of clients behind a proxy.

[Atul Bhosale, Victor Nawothnig]

That way you both will get credited on our contributors site.

Thank you very much.

Log the remote IP addr of clients behind a proxy
[Atul Bhosale, Victor Nawothnig]

@Atul9 Atul9 force-pushed the Atul9:remote-ip branch to 7e40e95 Jul 31, 2018

@Atul9

This comment has been minimized.

Copy link
Contributor Author

Atul9 commented Jul 31, 2018

@sikachu done, I have updated it. Is it correct?

@sikachu
Copy link
Member

sikachu left a comment

Purrrfect 🐱

Thank you! I'll ping a core team member to review/merge this. 👏

@georgeclaghorn georgeclaghorn merged commit e2aaf5c into rails:master Jul 31, 2018

2 checks passed

codeclimate All good!
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details

georgeclaghorn added a commit that referenced this pull request Jul 31, 2018

Merge pull request #33489 from Atul9/remote-ip
Log the remote IP addr of clients behind a proxy
@Atul9

This comment has been minimized.

Copy link
Contributor Author

Atul9 commented Jul 31, 2018

@sikachu @georgeclaghorn Thank you. This was my first PR to rails :)

@Atul9 Atul9 deleted the Atul9:remote-ip branch Jul 31, 2018

rdlugosz added a commit to rdlugosz/invisible_captcha that referenced this pull request Oct 12, 2018

Use #remote_ip instead of REMOTE_ADDR
When Rails is behind a proxy server, REMOTE_ADDR will be the IP of the
proxy rather than the user's actual IP. The `request.remote_ip` method
properly accounts for this.

See rails/rails#33489 for a similar change in
Rails.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.