GriefCode Posted June 13, 2015 Share Posted June 13, 2015 Hey, we recently discovered a small issue on our system, since we put the whole server behind cloudflare.The software seems not to forward users IPs which result that many users now have cloudflare IPs: The first one is as example my IP, and i was in my VPN, where the IP starts with 37.*, after discovering the latest posts, we noted that nearly every IP is related to cloudflare. We used to forward the IPs on an earlier application and acutally its a simple system: $UserIP = $_SERVER["REMOTE_ADDR"]; if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER)) { $var = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']); $UserIP = @array_pop( $var ); if (empty($UserIP)) $UserIP = $_SERVER["REMOTE_ADDR"]; } In my opinion this snippet is a must have in a modern software application. Imagine the case that a user should be banned from the system by IP, this would ban definitly within the time several users. Regards Link to comment Share on other sites More sharing options...
Ahmad E. Posted June 13, 2015 Share Posted June 13, 2015 ACP->System->Security->Security Settings, turn on Trust IP addresses provided by proxies? Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.