Hi New Xenforo user here!
I recently switched from vbulletin to Xenforo 2. Very happy with the switch so far except I am having issues using my CDN(Content Delivery Network) with the site.
The root of the issue is Xenforo is only picking up the IP's of the CDN endpoints instead of the actual client IP.
Now the CDN does provide the actual client IP in the "HTTP_X_FORWARDED_FOR" HTTP field in the following format. However Xenforo grabs the IP "192.16.55.202" instead of 111.111.111.111
$_SERVER['HTTP_X_FORWARDED_FOR']111.111.111111, 192.16.55.202, 108.161.246.65:38574
It is also can be presented in a Custom header for example I could have it dumped exclusively into "HTTP_ENDUSER_IP" in the format of
$_SERVER['HTTP_ENDUSER_IP']111.111.111.111
Where 111.111.111.111 is the actual client IP in both examples.
For Xenforo I see that it does have options for using Cloudflare exclusively but those options have been highly customized for use with CF only. I use both Akamai's and Verizon's CDN's through Azure with my websites hosted within.
I have gotten around the issue for now by modifying the src/XF/Http/Request.php from approximately line 438 changing "REMOTE_ADDR" to "HTTP_ENDUSER_IP"
###########
if ($this->_remoteIp === null)
{
$ip = $this->getTrustedRealIp($this->getServer('HTTP_ENDUSER_IP'));
$this->_remoteIp = $this->getFilteredIp($ip);
#########
Akamai CDN - Largest CDN in the world
https://www.akamai.com/
Verizon CDN
https://www.verizondigitalmedia.com/platform/edgecast-cdn/
Potential Questions/Solutions
1) Can we make the code compatible with *Any CDN?
- Steps Required
1) In the Options provide a field which we can enter IP's that the CDN uses(Similar to the same functionality which already exists for Cloudflare)
2) Provide an option field to specific the header containing the actual client IP.
2) Is there a way to provide an exception to the file verification checks which does now fail because of my custom modification of this header?
3) Did I miss something is there an easier way to fix this?
Thanks in advance!
I recently switched from vbulletin to Xenforo 2. Very happy with the switch so far except I am having issues using my CDN(Content Delivery Network) with the site.
The root of the issue is Xenforo is only picking up the IP's of the CDN endpoints instead of the actual client IP.
Now the CDN does provide the actual client IP in the "HTTP_X_FORWARDED_FOR" HTTP field in the following format. However Xenforo grabs the IP "192.16.55.202" instead of 111.111.111.111
$_SERVER['HTTP_X_FORWARDED_FOR']111.111.111111, 192.16.55.202, 108.161.246.65:38574
It is also can be presented in a Custom header for example I could have it dumped exclusively into "HTTP_ENDUSER_IP" in the format of
$_SERVER['HTTP_ENDUSER_IP']111.111.111.111
Where 111.111.111.111 is the actual client IP in both examples.
For Xenforo I see that it does have options for using Cloudflare exclusively but those options have been highly customized for use with CF only. I use both Akamai's and Verizon's CDN's through Azure with my websites hosted within.
I have gotten around the issue for now by modifying the src/XF/Http/Request.php from approximately line 438 changing "REMOTE_ADDR" to "HTTP_ENDUSER_IP"
###########
if ($this->_remoteIp === null)
{
$ip = $this->getTrustedRealIp($this->getServer('HTTP_ENDUSER_IP'));
$this->_remoteIp = $this->getFilteredIp($ip);
#########
Akamai CDN - Largest CDN in the world
https://www.akamai.com/
Verizon CDN
https://www.verizondigitalmedia.com/platform/edgecast-cdn/
Potential Questions/Solutions
1) Can we make the code compatible with *Any CDN?
- Steps Required
1) In the Options provide a field which we can enter IP's that the CDN uses(Similar to the same functionality which already exists for Cloudflare)
2) Provide an option field to specific the header containing the actual client IP.
2) Is there a way to provide an exception to the file verification checks which does now fail because of my custom modification of this header?
3) Did I miss something is there an easier way to fix this?
Thanks in advance!
