• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

XF 1.3 Varnish and XenForo

Karelke

Active member
#1
We are using Varnish as frontend server and Apache for the backend. This means $_SERVER['REMOTE_ADDR'] will always return 127.0.0.1 (i.e. the localhost address). The real client ip address however is available in the "X-Forwarded-For" header.

Now, browsing through the XenForo code, it seems there is some sort of support for X-Forwarded-For in Zend_Controller_Request_Http::getClientIp($checkProxy); the problem is this method is almost always called with the $checkProxy parameter false (see screenshot below). A simple "echo $request->getClientIp(false)" on the homepage indeed returns 127.0.0.1 so this won't work.

I would like to propose a solution for this issue. We are using Symfony 2 for our main website and this framework has support for trusting proxies. Have a look:

1) Configure the ip address of the proxy server:
http://symfony.com/doc/current/components/http_foundation/trusting_proxies.html
http://symfony.com/doc/current/refe...work.html#reference-framework-trusted-proxies

2) Check if the "X-Forwarded-For" header is valid in getClientIp():
https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpFoundation/Request.php#L782
https://github.com/symfony/symfony/blob/master/src/Symfony/Component/HttpFoundation/Request.php#L813

It would be extremely helpful if XenForo could provide support for this.

Screenshot from 2014-05-21 13:33:12.png
 
Last edited:

Mike

XenForo developer
Staff member
#2
At this point, we generally recommend that people set $_SERVER['REMOTE_ADDR'] as needed in config.php (using whatever logic is appropriate for your setup).