1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

XF 1.3 IP Logging

Discussion in 'Troubleshooting and Problems' started by caleb89taylor, Oct 3, 2014.

  1. caleb89taylor

    caleb89taylor Member

    Hi all,

    After we upgraded to 1.3 we have had an issue with IP logging. The Ip addresses for users are the internal IP addresses of our servers in our ASG in AWS. This means banning anyone by IP is impossible along with a few other things. I've been looking into the issues and just dumping the value from XenForo_Helper_Ip::getBinaryIp() seems to get the right IP address. I also noticed if I hostmapped directly to a box then I also got my correct IP address logged.

    I'm worried it's some sort of issues with the request object having the incorrect client IP or something now that we've switched to an ASG. Any ideas?

    Edit: Just removed the host map entry and performed a moderator action and it was back to logging the server IP in the admin action log.
     
    Last edited: Oct 3, 2014
  2. Slavik

    Slavik XenForo Moderator Staff Member

    You can try adding this to your config.php file:

    if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
    {
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
    }
     
  3. caleb89taylor

    caleb89taylor Member

    Thanks! This seems to have worked. Can you provide an explanation for this for future reference?
     
  4. Jim Boy

    Jim Boy Well-Known Member

    Because you are delivering through at least one intermediary device (eg akamai or elb), the IP header on a tcp packet needs to be replaced with the internal ip of the intermediary device. Otherwise the final destination server (eg nginx) would attempt to send traffic back directly to client, which would be rejected as the send ip and port of the client would mismatch. So the intermediary puts the real IP in another header, frequently HTTP_X_FORWARDED_FOR, but could be anything bar headers with meaning (eg HOST). The config file trick simply swaps the real IP back to the server field that XF (or any PHP script) was expecting the real IP to be in
     
    caleb89taylor likes this.

Share This Page