Sucuri Firewall Problem

delta5 · December 31, 2018, 08:06:39 PM

Hi guys,

Im running 2.0.15 with a Destek CSS responsive theme. My host added the Sucuri firewall system to my account. It seems to be working ok so far except for two problems. When you look at the Whos Online list, users seem to come and go a bit, even though they are still connected and chatting in the shoutbox. Also, my main problem is that now users IP addresses and host names are changed to the sucuri proxy address and host name in the online list. Tech support says this is normal. The problem is that this makes it much harder to ban someone. Also, its reducing the effectivness of the stopforumspam.com scanner. Now the scanner still works, but only can check the user name and pwd the bots try to use, not the IP. On the sucuri site, they have a work around code snippet they say you can add to the config.php or configuration.php files. Im wondering if this will work. I dont want to reduce the effectivness of the firewall, but this is starting to get annoying.

if(isset($_SERVER['HTTP_X_SUCURI_CLIENTIP']))
{
$_SERVER["REMOTE_ADDR"] = $_SERVER['HTTP_X_SUCURI_CLIENTIP'];
}

Also im using HTTPS so im wondering if this snippet needs to be changed for that too.
Any help or opinions would be appreciated.

Thanks

HDB · December 31, 2018, 08:27:41 PM

I run a Sucuri firewall also and I asked them about this issue and they gave me the same code and said to place it in the settings.php file as we don't have a config or configuration file in SMF so settings.php is where you would place that code.

Code Select

if(isset($_SERVER['HTTP_X_SUCURI_CLIENTIP']))
{
    $_SERVER["REMOTE_ADDR"] = $_SERVER['HTTP_X_SUCURI_CLIENTIP'];
}

They address this issue in their KB (Knowledge Base) articles here...

https://kb.sucuri.net/firewall/Troubleshooting/same-user-ip

Doing that in settings solved my issue.

delta5 · December 31, 2018, 09:00:29 PM

Thanks for the reply! Im glad to see its fixable. Do you happen to know if the snippet needs to be changed to https since i have a certificate?

HDB · December 31, 2018, 09:42:33 PM

I have a SSL cert and that is the exact code that I use. So it doesn't need any modification.

Arantor · January 01, 2019, 06:52:16 AM

The HTTP part in the name indicates it is an HTTP header, so it should not be changed for HTTPS since it's still HTTP as a protocol.

delta5 · January 01, 2019, 07:25:34 PM

I pasted that snippet into the bottom of my settings.php file and saved it. Now that same text appears at the top of my home screen. Any ideas?

delta5 · January 01, 2019, 07:31:33 PM

Disregard, I figured it out. Looks like its working perfectly so far

delta5 · January 02, 2019, 08:27:09 AM

Update: snippet seems to work perfectly. Odd though, my lurker numbers seem to be up now. I hope that firewall is still working.

delta5 · January 03, 2019, 01:54:44 PM

Update: tech support checked and says firewall still working and blocking a lot of stuff. I guess I'm good to go.

Willie · October 02, 2019, 10:53:27 PM

I am having same problem. Did you leave the script at the bottom of the Settings.php file?

News:

Sucuri Firewall Problem