Members showing as localhost

[mjda]

I was just curious if anyone had encountered this before, and how this could happen? I don't have any add-ons that affect this so I'm completely confused as to how this could happen or what to even check to find out how to stop it.

Anyways, this is what happened when I checked a user today for shared IPs.

 

[MentaL]

are you using a proxy?

 

[mjda]

are you using a proxy?

No.

 

[TPerry]

Are you sure? That is pretty consistent with a proxy.
I know at one time having this in your config.php helped.

if (isset($_SERVER['HTTP_CF_CONNECTING_IP'])) { $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP']; } if using CloudFlare. I thought there was similar for a proxy.... I know there was under 1.x line... but I don't know about for 2.2.x

 

[mjda]

I'm not using cloudflare, or any kind of proxy. I'm on a cPanel server, with nameservers on the server. I use a CDN to serve images and things like that, but members connecting to the site do so directly to the server.

 

[MentaL]

I'm not using cloudflare, or any kind of proxy. I'm on a cPanel server, with nameservers on the server. I use a CDN to serve images and things like that, but members connecting to the site do so directly to the server.

what webserver is it running on?

 

[mjda]

what webserver is it running on?

Apache, assuming that's what you're asking?

 

[mjda]

Worth noting that this site has been on the same server for over 2 years, with the same CDN, and I'm just now seeing this.

 

[TPerry]

Make sure your hosting provider has not placed a proxy in between you and the world wide web. It would not be unheard of for a hosting provider to do that to "benefit the customers", and most of them will never notice it.
What provider are you with?
Are those shared IP's you are looking at? If so, did at one time you run under a proxy?

 

[mjda]

What provider are you with?
Are those shared IP's you are looking at? If so, did at one time you run under a proxy?

I use Knownhost. Very unlikely they'd do anything like that, especially without letting me know.

Yes, they're shared IPs. I've never used a proxy. I acquired this site in late 2020 and it's been on the same server, with the same CDN, since I first moved it over. Never noticed this before. Not to say it wasn't there, but I spend a lot of time looking at shared IPs because my niche seems to be prone to members wanting to create multiple "crap talking" accounts.

 

[Dragonfruit]

Maybe give the server a restart, and see if they come back. I had an issue where some visitors started to display with the server IP. It went away after a reboot.

 

[TPerry]

I use Knownhost. Very unlikely they'd do anything like that, especially without letting me know

Doubtful... but I do know they have excellent support... so it may be worth asking. It could be (if you are using cPanel to maintain your site) something that they "rolled out" in an "upgrade".
It's worth taking the time to drop them a note since you indicate it appears to have just started happening.... and if YOU haven't made any changes, that leaves only one other involvement that may have.

 

[mjda]

Ok, so yesterday I switched my site over to Cloudflare (my CDN provider is discontinuing their CDN services) and I'm still getting these folks showing as connecting from 127.0.0.1. Anyone else able to help shed some light on this?

I do have these lines in my config.php:

if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];

if (isset($_SERVER['HTTP_CF_CONNECTING_IP']))
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];

 

[MentaL]

Ok, so yesterday I switched my site over to Cloudflare (my CDN provider is discontinuing their CDN services) and I'm still getting these folks showing as connecting from 127.0.0.1. Anyone else able to help shed some light on this?

I do have these lines in my config.php:

if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];

if (isset($_SERVER['HTTP_CF_CONNECTING_IP']))
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];

share your phpinfo.

 

[mjda]

PHP Version 8.0.30​

System	Linux host.mydomain.com 4.18.0 #1 SMP Thu Dec 15 20:31:06 MSK 2022 x86_64
Build Date	Aug 15 2023 23:25:27
Build System	Linux hou-1 5.3.18-150300.59.98-default #1 SMP Thu Oct 13 08:52:00 UTC 2022 (dfcde7e) x86_64 x86_64 x86_64 GNU/Linux
Configure Command	'./configure' '--build=x86_64-redhat-linux-gnu' '--host=x86_64-redhat-linux-gnu' '--program-prefix=' '--disable-dependency-tracking' '--prefix=/opt/cpanel/ea-php80/root/usr' '--exec-prefix=/opt/cpanel/ea-php80/root/usr' '--bindir=/opt/cpanel/ea-php80/root/usr/bin' '--sbindir=/opt/cpanel/ea-php80/root/usr/sbin' '--sysconfdir=/opt/cpanel/ea-php80/root/etc' '--datadir=/opt/cpanel/ea-php80/root/usr/share' '--includedir=/opt/cpanel/ea-php80/root/usr/include' '--libdir=/opt/cpanel/ea-php80/root/usr/lib64' '--libexecdir=/opt/cpanel/ea-php80/root/usr/libexec' '--localstatedir=/opt/cpanel/ea-php80/root/var' '--sharedstatedir=/opt/cpanel/ea-php80/root/var/lib' '--mandir=/opt/cpanel/ea-php80/root/usr/share/man' '--infodir=/opt/cpanel/ea-php80/root/usr/share/info' '--cache-file=../config.cache' '--with-libdir=lib64' '--with-config-file-path=/opt/cpanel/ea-php80/root/etc' '--with-config-file-scan-dir=/opt/cpanel/ea-php80/root/etc/php.d' '--disable-debug' '--with-password-argon2=/opt/cpanel/libargon2' '--with-pic' '--without-pear' '--with-bz2' '--with-freetype' '--with-xpm' '--without-gdbm' '--with-gettext' '--with-iconv' '--with-jpeg' '--with-openssl' '--with-pcre-regex=/usr' '--with-zlib' '--with-layout=GNU' '--enable-exif' '--enable-ftp' '--enable-sockets' '--with-kerberos' '--enable-shmop' '--with-sodium=shared' '--with-libxml' '--with-system-tzdata' '--with-mhash' '--enable-fpm' '--with-fpm-systemd' '--libdir=/opt/cpanel/ea-php80/root/usr/lib64/php' '--without-mysqli' '--disable-pdo' '--enable-pcntl' '--disable-gd' '--disable-dom' '--disable-dba' '--without-unixODBC' '--disable-opcache' '--disable-xmlreader' '--disable-xmlwriter' '--without-sqlite3' '--disable-phar' '--disable-fileinfo' '--disable-json' '--without-pspell' '--without-curl' '--disable-posix' '--disable-xml' '--disable-simplexml' '--disable-exif' '--without-gettext' '--without-iconv' '--disable-ftp' '--without-bz2' '--disable-ctype' '--disable-shmop' '--disable-sockets' '--disable-tokenizer' '--disable-sysvmsg' '--disable-sysvshm' '--disable-sysvsem' '--without-gmp' '--disable-calendar' 'build_alias=x86_64-redhat-linux-gnu' 'host_alias=x86_64-redhat-linux-gnu' 'PKG_CONFIG_PATH=/opt/cpanel/ea-php80/root/usr/lib64/pkgconfig:/opt/cpanel/ea-php80/root/usr/share/pkgconfig:/usr/lib64/pkgconfig:/opt/cpanel/ea-libxml2/lib64/pkgconfig:/opt/cpanel/ea-libicu/lib/pkgconfig:/opt/cpanel/ea-oniguruma/lib64/pkgconfig:/usr/lib64/pkgconfig:/opt/cpanel/libargon2/lib64/pkgconfig' 'KERBEROS_CFLAGS=-I/usr/include' 'KERBEROS_LIBS=-L/usr/lib64' 'JPEG_CFLAGS=-I/usr/include' 'JPEG_LIBS=-L/usr/lib64 -ljpeg' 'SASL_CFLAGS=-I/usr/include' 'SASL_LIBS=-L/usr/lib64' 'XSL_CFLAGS=-I/opt/cpanel/ea-libxml2/include/libxml2' 'XSL_LIBS=-L/opt/cpanel/ea-libxml2/lib64 -lxml2' 'LIBZIP_CFLAGS=-I/opt/cpanel/ea-libzip/include' 'LIBZIP_LIBS=-L/opt/cpanel/ea-libzip/lib64 -lzip'
Server API	FPM/FastCGI
Virtual Directory Support	disabled
Configuration File (php.ini) Path	/opt/cpanel/ea-php80/root/etc
Loaded Configuration File	/opt/cpanel/ea-php80/root/etc/php.ini
Scan this dir for additional .ini files	/opt/cpanel/ea-php80/root/etc/php.d
Additional .ini files parsed	/opt/cpanel/ea-php80/root/etc/php.d/10-opcache.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-bcmath.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-calendar.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-ctype.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-curl.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-dom.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-exif.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-fileinfo.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-ftp.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-gd.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-gettext.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-gmp.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-iconv.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-imap.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-intl.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-mbstring.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-mysqlnd.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-pdo.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-phar.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-posix.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-simplexml.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-soap.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-sockets.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-sqlite3.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-tokenizer.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-xml.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-xmlwriter.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-xsl.ini, /opt/cpanel/ea-php80/root/etc/php.d/20-zip.ini, /opt/cpanel/ea-php80/root/etc/php.d/30-mysqli.ini, /opt/cpanel/ea-php80/root/etc/php.d/30-pdo_mysql.ini, /opt/cpanel/ea-php80/root/etc/php.d/30-pdo_sqlite.ini, /opt/cpanel/ea-php80/root/etc/php.d/30-xmlreader.ini, /opt/cpanel/ea-php80/root/etc/php.d/zzzzzzz-pecl.ini
PHP API	20200930
PHP Extension	20200930
Zend Extension	420200930
Zend Extension Build	API420200930,NTS
PHP Extension Build	API20200930,NTS
Debug Build	no
Thread Safety	disabled
Zend Signal Handling	enabled
Zend Memory Manager	enabled
Zend Multibyte Support	provided by mbstring
IPv6 Support	enabled
DTrace Support	disabled
Registered PHP Streams	https, ftps, compress.zlib, php, file, glob, data, http, ftp, zip
Registered Stream Socket Transports	tcp, udp, unix, udg, ssl, tls, tlsv1.0, tlsv1.1, tlsv1.2, tlsv1.3
Registered Stream Filters	zlib., string.rot13, string.toupper, string.tolower, convert., consumed, dechunk, convert.iconv.*

This program makes use of the Zend Scripting Language Engine: Zend Engine v4.0.30, Copyright (c) Zend Technologies with Zend OPcache v8.0.30, Copyright (c), by Zend Technologies

 

[MentaL]

try

XF 2.1 - Xenforo is logging all user's IP addresses as the load balancer's private IP address

Apache Version: Apache/2.4.38 (Ubuntu) PHP Version: 7.2.15 I'm hosting the website on an AWS server behind a load balancer. The website is logging every user's IP address as the private IP address of the load balancer instead of the user's public IP address. In admin.php?tools/phpinfo on my...

xenforo.com

or

XF 1.4 - Many IPs appear as 127.0.0.1

We've been having a lot of trouble with spam recently. I suspect it is because IPs that would normally be blacklisted appear as local IPs. Has this happened to anyone else, and is there any way to fix this behaviour? I have a feeling that it may be related to SSL, but I have no clue...

xenforo.com

 

[TPerry]

Ok, so yesterday I switched my site over to Cloudflare (my CDN provider is discontinuing their CDN services) and I'm still getting these folks showing as connecting from 127.0.0.1. Anyone else able to help shed some light on this?

I do have these lines in my config.php:

if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];

if (isset($_SERVER['HTTP_CF_CONNECTING_IP']))
    $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];

Are you by chance using the excellent DigitalPoint CF add-on? If not.. I advise reserarching it immediately.
I haven't had to add ANY of that code into my /src/config.php.

Honestly.. in todays day and age.. this should already be a default XF ability without having to depend on 3rd parties.. but that a remains continuing weakness in XF. There is entirely to much dependence upon outside parties to provide what should be core features.
Does that mean they may need to purchase such abilities from the 3rd party.. yep.. but there are (in todays needs) needs basic functions that should be core.

 

[mjda]

Are you by chance using the excellent DigitalPoint CF add-on? If not.. I advise reserarching it immediately.
I haven't had to add ANY of that code into my /src/config.php.

Yes, I installed it immediately after changing my nameservers. Honestly, that add-on is the only reason I even switched to Cloudflare. Otherwise I would have just went with another CDN provider.

 

[mjda]

try

XF 2.1 - Xenforo is logging all user's IP addresses as the load balancer's private IP address

Apache Version: Apache/2.4.38 (Ubuntu) PHP Version: 7.2.15 I'm hosting the website on an AWS server behind a load balancer. The website is logging every user's IP address as the private IP address of the load balancer instead of the user's public IP address. In admin.php?tools/phpinfo on my...

xenforo.com

or

XF 1.4 - Many IPs appear as 127.0.0.1

We've been having a lot of trouble with spam recently. I suspect it is because IPs that would normally be blacklisted appear as local IPs. Has this happened to anyone else, and is there any way to fix this behaviour? I have a feeling that it may be related to SSL, but I have no clue...

xenforo.com

Thank you for this! I'll give one of those a try and see what happens.

 

[Jeremy P]

Honestly.. in todays day and age.. this should already be a default XF ability without having to depend on 3rd parties..

XF has had automatic handling of Cloudflare IPs for a while. Since this was happening prior to using Cloudflare it's likely there's some other server configuration issue at play here.

You may wish to check admin.php?tools/phpinfo for the values of $_SERVER['REMOTE_ADDR'] and $_SERVER['HTTP_CF_CONNECTING_IP'] for clues.