Jump to content

Forward IPs to avoid unwanted proxies


GriefCode

Recommended Posts

Hey,

we recently discovered a small issue on our system, since we put the whole server behind cloudflare.
The software seems not to forward users IPs which result that many users now have cloudflare IPs:

cf.thumb.PNG.8cb67ba6d572bd61b4c8706b8ae

The first one is as example my IP, and i was in my VPN, where the IP starts with 37.*, after discovering the latest posts, we noted that nearly every IP is related to cloudflare. We used to forward the IPs on an earlier application and acutally its a simple system:

$UserIP = $_SERVER["REMOTE_ADDR"];
if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) {
    $var = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
    $UserIP = @array_pop( $var );
    if (empty($UserIP)) $UserIP = $_SERVER["REMOTE_ADDR"];
}

In my opinion this snippet is a must have in a modern software application. Imagine the case that a user should be banned from the system by IP, this would ban definitly within the time several users.

Regards

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...