XF 2.2 hCaptcha configuration error: invalid-remoteip

[spk100]

Recently I switched to Ezoic for monetization and I moved to their cloudflare. I do not have the caching enabled.

Then these started appearing in bucket loads. Just in the last 2 days - 384 of them.

Stack trace​

#0 src/XF.php(218): XF\Error->logError('hCaptcha config...', false)
#1 src/XF/Captcha/HCaptcha.php(122): XF::logError('hCaptcha config...')
#2 src/XF/Mvc/Controller.php(883): XF\Captcha\HCaptcha->isValid()
#3 src/XF/Pub/Controller/Register.php(409): XF\Mvc\Controller->captchaIsValid()
#4 src/XF/Mvc/Dispatcher.php(352): XF\Pub\Controller\Register->actionRegister(Object(XF\Mvc\ParameterBag))
#5 src/XF/Mvc/Dispatcher.php(259): XF\Mvc\Dispatcher->dispatchClass('XF:Register', 'Register', Object(XF\Mvc\RouteMatch), Object(XF\Pub\Controller\Register), NULL)
#6 src/XF/Mvc/Dispatcher.php(115): XF\Mvc\Dispatcher->dispatchFromMatch(Object(XF\Mvc\RouteMatch), Object(XF\Pub\Controller\Register), NULL)
#7 src/XF/Mvc/Dispatcher.php(57): XF\Mvc\Dispatcher->dispatchLoop(Object(XF\Mvc\RouteMatch))
#8 src/XF/App.php(2351): XF\Mvc\Dispatcher->run()
#9 src/XF.php(517): XF\App->run()
#10 index.php(20): XF::runApp('XF\\Pub\\App')
#11 {main}

 

[Chris D]

The remoteip that we send through to hCaptcha is supposed to be the user’s IP address.

If you’re behind various proxies it’s possible that the IP address they’re actually seeing belongs to Ezoic or Cloudflare and hCaptcha may be recognising this as being invalid.

You may find that in XF every single user is being logged with the same IP addresses or group of addresses that belong to the proxies rather than the users.

I would seek support of Ezoic/Cloudflare in the first instance. The real user IP is usually sent in the request and you may be able to map that to the correct server value so that IP addresses are sent correctly but the specifics of that may vary.

This typically looks something like this but in the Cloudflare case we handle this automatically so it may be that there are specific steps in your environment:

if (isset($_SERVER['HTTP_CF_CONNECTING_IP']))
{
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
}

 

[spk100]

Thank you.

Reaching out to Ezoic for help.

 

[spk100]

Just updating here. I could not get this fixed. So I switched to Recaptcha v2.