Reverse Proxy IP Header selection not working

[MarckMabimods]

So, I replicated all of this in my test environment. I could not get SMF to fix the IP, I was however fairly easily able to get Apache to fix the IP before it ever gets to SMF. This is probably something along the lines of what Arantor's host is doing. hxxp:httpd.apache.org/docs/2.4/mod/mod_remoteip.html [nonactive]

I was able to do a similar workaround with Nginx to get this problem fixed. In my case I have both Cloudlare, and another server on-prem doing a reverse proxy to the SMF server.

Nginx config setting:

set_real_ip_from 127.0.0.1/32;
real_ip_header CF-Connecting-IP;

[JazzyNL]

So it has been one year since this was reported. While I appreciate all developing work on SMF and understand work is prioritized, could someone please give me an indication if this is going to be addressed in let's say the next year?

[Kindred]

Maybe.
Probably not.

[JazzyNL]

Maybe.
Probably not.

Can you elaborate?

[Arantor]

Well, it's tagged for 2.1.5 and has been since last summer. In theory it could even have been solved in time for 2.1.4 but apparently it's too hard to solve.

I'd have thought the usual approach of 'let's just make everything configurable by the user and make it their choice' would have been wonderful here.

[JazzyNL]

If it worked, it would've been great. Funny thing is that the default behavior in 2.0.x worked fine, the configuration with the drop-down list in 2.1.x broke things. Besides the fact that we can't ban on IP anymore, our users frequently hit rate limits since SMF sees all traffic coming from the same IP address. When you hit that error while trying to post, and click Back to return to the previous page, the text that you had typed is now lost.

Our users are frustrated and as the admin I get it completely. Anyway, appreciate the effort in getting this resolved.

[szinski]

I got my 2.1 forum working with Cloudflare (displaying client's real IP address) following these instructions (I'm using cPanel)

https://support.cpanel.net/hc/en-us/articles/360051107513-Restoring-visitors-IP-with-mod-remoteip

[Cola-Coca]

SMF 2.0 has one mod that works great :
https://custom.simplemachines.org/index.php?mod=4072

Unfortunately 2.1 doesn't have a mod for this kind of thing. The only thing left to do is modify the files on the server. I believe that in version 2.1.5 this setting will be within the forum as a default.

[JazzyNL]

I believe that in version 2.1.5 this setting will be within the forum as a default.

What makes you think that?

[Aleksi "Lex" Kilpinen]

2.1 is not supposed to need any mod for this.
This is already built in to 2.1, but sadly not working as expected, hence the open bug report.

[Cola-Coca]

2.1 is not supposed to need any mod for this.
This is already built in to 2.1, but sadly not working as expected, hence the open bug report.

I believe that in v.2.1.5 they will fix this huge error / bug that does not work inside the admin panel.

[JazzyNL]

I believe that in v.2.1.5 they will fix this huge error / bug that does not work inside the admin panel.

If you're referring to this: https://github.com/SimpleMachines/SMF/issues/7684 Don't get your hopes up. Nobody is actively working on it and the milestone was moved from 2.1.5 to 2.1.6.

Quite frankly it's a bit frustrating. Understand that this issue impacts a subset of the forums, but the impact for these forums is significant.

Unfortunately this is how OSS works, it's all volunteer based and personally I'm no developer so not much else I can do. ;(

[Cola-Coca]

I believe that in v.2.1.5 they will fix this huge error / bug that does not work inside the admin panel.

If you're referring to this: https://github.com/SimpleMachines/SMF/issues/7684 Don't get your hopes up. Nobody is actively working on it and the milestone was moved from 2.1.5 to 2.1.6.

Quite frankly it's a bit frustrating. Understand that this issue impacts a subset of the forums, but the impact for these forums is significant.

Unfortunately this is how OSS works, it's all volunteer based and personally I'm no developer so not much else I can do. ;(

I hope that it will be fixed in version 2.15 and that it will work properly.

[JazzyNL]

I hope that it will be fixed in version 2.15 and that it will work properly.

You and me, but at this point that is highly unlikely.

[Cola-Coca]

I set it up mod_remoteip and everything is working properly.
If someone uses shared hosting then they will be in trouble because it's possible that the apache he's using doesn't have mod_remoteip or if he has  it's not set for him.

In any case, if the option does not work properly in the admin panel, it is best to delete it from the admin panel in the next version.

I followed this tutorial and now I see the real IP address:
https://developers.cloudflare.com/support/troubleshooting/restoring-visitor-ips/restoring-original-visitor-ips/

[Aleksi "Lex" Kilpinen]

Yes, mod_remoteip works, and was mentioned before in this topic.
No, I don't think the best idea is to remove it - We have an open bug report, which means we acknowledge it's a problem that probably should be fixed. It does not mean it will be fixed in the next update however.