XF 1.5 How to Stop XenForo Image Proxy Leaking Backend IP?

XxUnkn0wnxX

I depend on the image proxy for performance, but how do I stop it from leaking my server's IP?

e.g. if you embed this image here: http://www.danasoft.com/vipersig.jpg

you get the server's IP.

How do I stop this?

I have my site set up with Cloudflare. Is there a way to run the image proxy through that?

Otherwise, if a reverse proxy is needed, I'm not sure where to even begin.
 
The quick fix would be to block this IP in your server's firewall: 54.245.112.177

That would prevent the image from downloading to the proxy system. Unfortunately, it doesn't help if the image is already in the proxy system.
 
Well, it's not a total fix; someone could use a URL shortener to bypass that block easily.

I need something that will permanently block something like this. It would be nice if an XF dev could help me fix this.
 
The image is generated on the fly by Danasoft. So, the moment your server connects to download the image into the proxy system, its IP address is shown in the image. Blocking the Danasoft IP prevents the connection from your server from ever being made.

A URL shortener linking to an image that someone saved would not show the server IP address. It would show the IP address of whoever saved the image.

With a URL shortener linking to Danasoft, the firewall would still block the image from being downloaded.
 
No, it has to be another server. If you want your server to connect to external servers in any way, they have to know your IP (that's how you communicate). The proxy lets you leak the IP of another server, which is presumably less important.

CloudFlare is a reverse proxy to your site and nothing else, so it's unrelated to this.

Note that depending on how you send email from your site, you may be leaking the server IP through that.
 
You'd need to configure a proxy on a different server and send untrusted requests through it. See some discussion here: https://xenforo.com/community/threads/untrusted-http-client.112944/
@Mike, might need more extended and detailed info for this in the XenForo manual? :)

That's what I have set up, and it works wonderfully with my DDoS-protected VPS proxy IP, so any image proxy leaks only show my DDoS-protected VPS's IP address.

Any way to have it running on the same server? Because paying for a new server just for a proxy is too much for me.
You can get a 1GB VPS for as little as US$3.50/month https://community.centminmod.com/posts/31996/ and add $3/month extra for a DDoS-protected IP too :)
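
A check for the separate-server proxy setup discussed in this thread, as an added example that is not part of any post: it inspects a request as received by a test endpoint you control and reports whether the backend address is still exposed, either as the connecting peer or inside a forwarding header that some forward proxies add. The IP addresses, header sets and function names are constructed for illustration.

```python
import ipaddress
import re

BACKEND = "203.0.113.10"  # constructed: the web server whose IP should stay hidden
PROXY = "198.51.100.7"    # constructed: the separate VPS used for outbound fetches

def addresses_in(value):
    """Return every IP literal in a header value (lists, for=, [v6]:port, v4:port)."""
    found = set()
    for token in re.split(r'[\s,;="\[\]()]+', value):
        candidates = [token]
        if token.count(":") == 1:  # IPv4 with a port suffix
            candidates.append(token.split(":")[0])
        for cand in candidates:
            try:
                found.add(ipaddress.ip_address(cand))
            except ValueError:
                pass  # hostnames, version strings such as "1.1", parameter names
    return found

def find_backend_leaks(peer_ip, headers, backend_ip):
    """List how one request, as seen by an endpoint you control, exposes backend_ip."""
    backend = ipaddress.ip_address(backend_ip)
    leaks = []
    if ipaddress.ip_address(peer_ip) == backend:
        leaks.append("connection came directly from the backend")
    for name, value in headers.items():
        if backend in addresses_in(value):
            leaks.append(f"header {name} carries the backend address")
    return leaks

# Constructed samples: (peer address seen by the endpoint, request headers received).
DIRECT = (BACKEND, {"Host": "probe.example", "Accept": "image/*"})
PROXY_LEAKY = (PROXY, {"Host": "probe.example",
                       "X-Forwarded-For": BACKEND,
                       "Via": "1.1 proxy.example"})
PROXY_CLEAN = (PROXY, {"Host": "probe.example", "Via": "1.1 proxy.example"})

if __name__ == "__main__":
    for label, sample in (("direct", DIRECT), ("proxy, forwarding headers", PROXY_LEAKY),
                          ("proxy, headers stripped", PROXY_CLEAN)):
        print(label, "->", find_backend_leaks(*sample, BACKEND) or "no leak")
```
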
 