Not a bug IP address bug - 'More Users' Issue

Hensmon

Member
Affected version
7.3.30
Recently I have noticed that some users are having shared IP's, even though I know they are not the same person or using the same IP address. The reason being is that I am finding my own user log in other users logs, and obviously I know I am not logging in as them and vice versa. In fact on my own name there are like 3 different users logged under my home IP address (!?). Clearly a bug but not idea why it's happening or why these users.

I am looking via the admin panel and clicking 'more users' when on the IP address part of a user profile.

Not sure how many users it is effecting as only looked at myself and a few others, but it's weird. Sometimes there is no IP address whatsoever, even for people who logged in recently.
 
This is typically due to a reverse proxy configuration on the server.

Typically adding something like this to the config.php file will resolve it

PHP:
if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
{
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
}

Your host will be able to assist otherwise.
 
This is typically due to a reverse proxy configuration on the server.

Typically adding something like this to the config.php file will resolve it

PHP:
if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
{
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
}

Your host will be able to assist otherwise.
Zen already does this in itself. It's not necessary. If he is using cloudflare, he should adapt and add this configuration according to cloudflare. Cloudflare may also require an additional setting for iptables.
 

Attachments

  • trw.webp
    trw.webp
    52.6 KB · Views: 9
Zen already does this in itself. It's not necessary. If he is using cloudflare, he should adapt and add this configuration according to cloudflare. Cloudflare may also require an additional setting for iptables.
Erm ... no :)

XenForo does use CloudFlare / Google provided client IP, it does not use an IP address provided via X-Forwarded-For header from an arbitrary proxy as the clients primary IP address.

It does use those IPs to assert IP bans though.
 
Erm ... no :)

XenForo does use CloudFlare / Google provided client IP, it does not use an IP address provided via X-Forwarded-For header from an arbitrary proxy as the clients primary IP address.

It does use those IPs to assert IP bans though.
When I don't do the above configuration, it gives everyone the same ip address, i.e. the ip addresses of the coudflare/ddos-guard servers. But if I enter these settings in the nginx.conf file, it will fix it. :D
 
When I don't do the above configuration, it gives everyone the same ip address, i.e. the ip addresses of the coudflare/ddos-guard servers. But if I enter these settings in the nginx.conf file, it will fix it. :D
That's what @Kirby was saying. It sounded like you were saying that was not necessary:
Zen already does this in itself. It's not necessary.
It sounds like everyone agrees: if you have a reverse proxy (e.g., Cloudflare), you need to configure your web server accordingly.
 
Back
Top Bottom