Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We鈥檒l occasionally send you account related emails.

Already on GitHub? Sign in to your account

Support proxy mode by checking the `X-Forwarded-For` header first #963

Merged
merged 2 commits into from Apr 5, 2018

Conversation

Projects
None yet
2 participants
@fjarrett
Copy link
Contributor

commented Mar 6, 2018

@lukecarbis When in reverse proxy mode, the REMOTE_ADDR value will always show the IP of the proxy server (ATS, Varnish, HAProxy, etc). Most proxies will pass along the real client IP via the X-Forwarded-For header. If it exists, Stream should prefer that as the real IP and only use REMOTE_ADDR as a fallback.

馃憢 It's been a while 馃槂

@@ -107,6 +107,10 @@ function( $var ) {
$role = '';
}
// Support proxy mode by checking the `X-Forwarded-For` header first
$ip_address = wp_stream_filter_input( INPUT_SERVER, 'HTTP_X_FORWARDED_FOR', FILTER_VALIDATE_IP );
$ip_address = $ip_address ? $ip_address : wp_stream_filter_input( INPUT_SERVER, 'REMOTE_ADDR', FILTER_VALIDATE_IP );

This comment has been minimized.

Copy link
@DavidCramer

DavidCramer Apr 3, 2018

Member

@fjarrett This is cool, thanks. The REMOTE_ADDR is also requested on line 154/158 So will need to be applied there.
Perhaps it might be better to have method to fetch the IP, or even a simpleIP param set in the constructor to prevent code duplication.

@DavidCramer DavidCramer changed the base branch from develop to add/real-client-ip Apr 5, 2018

@DavidCramer DavidCramer merged commit 733ef3d into xwp:add/real-client-ip Apr 5, 2018

1 check failed

continuous-integration/travis-ci/pr The Travis CI build failed
Details

@DavidCramer DavidCramer referenced this pull request Apr 5, 2018

Merged

Add/real client ip #969

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can鈥檛 perform that action at this time.