News:

Bored?  Looking to kill some time?  Want to chat with other SMF users?  Join us in IRC chat or Discord

Main Menu

Appropriate way to show real user IP in a proxy situation (HTTP_X_FORWARDED_FOR)

Started by user58389239, April 27, 2023, 04:26:03 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions

user58389239

April 27, 2023, 04:26:03 PM
Hi,
We're running 2.0.X (for now, upgrading soon)...using Sucuri firewall. We're not seeing the firewall IP instead of real user IP.

I've seen a few methods mentioned in previous posts on getting the correct info. I've seen it mentioned to put in QueryString.php and elsewhere to put it in index.php and a third place to put it in .htaccess.

tl;dr: What is the right method to get the user IP behind a firewall?

SleePy

#1
April 27, 2023, 11:29:29 PM
If you control the server, Apache has mod_remoteip, which simplifies a lot of setup/configurations with reverse proxies.
Jeremy D ~ Site Team / SMF Developer ~ GitHub Profile ~ Join us on IRC @ Libera.chat/#smf ~ Support the SMF Support team!

Aleksi "Lex" Kilpinen

#2
April 28, 2023, 01:36:44 AM
Yup, remoteip is the proper way to do it, if you can, it can also make sure your server logs catch real user data instead of your proxy information.
Slava
Ukraini!
"Before you allow people access to your forum, especially in an administrative position, you must be aware that that person can seriously damage your forum. Therefore, you should only allow people that you trust, implicitly, to have such access." -Douglas

How you can help SMF

user58389239

#3
April 28, 2023, 12:12:47 PM
Awesome, thank you for the prompt replies! We have a VPS so we should be able to do this. Appreciate the amazing support of this community.
Print
Go Up Pages1
User actions
Advertisement: