XF 2.1 Xenforo is logging all user's IP addresses as the load balancer's private IP address

hutt132

hutt132

Member
Apache Version: Apache/2.4.38 (Ubuntu)
PHP Version: 7.2.15

I'm hosting the website on an AWS server behind a load balancer. The website is logging every user's IP address as the private IP address of the load balancer instead of the user's public IP address.

964347d52c.png


In admin.php?tools/phpinfo on my site, the $_SERVER['REMOTE_ADDR'] variable is showing up as 172.30.0.200
The $_SERVER['HTTP_X_FORWARDED_FOR'] variable has my local machines public IP address.

To try to solve this, I edited the root index.php file to set $_SERVER['REMOTE_ADDR'] to $_SERVER['HTTP_X_FORWARDED_FOR']
Code: 
if ($_SERVER['HTTP_X_FORWARDED_FOR']!==null && $_SERVER['HTTP_X_FORWARDED_FOR']!=='') {
  $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
}

However, now the website logs both the user's public IP AND the load balancer's private IP address at the same time ONLY when the user first logs into their account.
Once they are logged in, the website will continue to only log the load balancer's IP. The user's public IP won't be logged again until the user logs out and logs back in, where it will again log both IPs.

This is very odd behavior why it's logging both IPs only on logon even with the variable set in index.php.
 
Sort by date Sort by votes
Try replacing the code with this:
PHP: 
if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
{
$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
}

Does that change anything?
 
Upvote 0 Downvote
If you are using the AWS Classic Load Balancer it is for more simple and better to enable support for proxy protocol and then in turn for apache. Bear in mind if you run multiple services behind the load balancer as they will break if you do not enable proxy protocol in them as well.
 
Upvote 0 Downvote
I know this is an old thread, but it seems like the best place to post this, since it is where I got my info about substituting the XFF for the REMOTE_IP.

One thing to keep in mind... XFF is not limited to being a single IP. By spec it can be a comma separated list of IPs. As such, when I switched over to using Cloudflare, I had some problems with IPs not being right. And worse, all the hCaptcha's were giving me invalid remoteip errrors in the system log (and apparently breaking for people constantly saying they entered the captcha incorrectly).

My solution... similar to what is mentioned here... but properly account for the fact that the XFF header is comma separated... the first IP is the original client IP.

PHP: 
if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
{
    $_SERVER['REMOTE_ADDR'] = trim(explode(",", $_SERVER['HTTP_X_FORWARDED_FOR'])[0]);
}

Hope that helps anyone else... this will work whether or not you are using multiple reverse proxies. In my case, I had my main RP (which is a docker container serving multiple websites that reside on other containers), but then when adding Cloudflare on top of that, I effectively had multiple reverse proxies, and the XFF became two IP addresses (the first being the true client IP, and the second being Cloudflare).
 
Upvote 0 Downvote
You must log in or register to reply here.

Similar threads

I
  • Question Question
XF 2.2 Logging Max Connections and IP Address
Replies
1
Views
424
Paul B
Paul B
Saarbruecken
  • Question Question
View IP-Addresses permission for non Super-Moderators
Replies
10
Views
784
Saarbruecken
Saarbruecken
M
  • Question Question
XF 2.2 How to find the exact registraion ip address of users?
Replies
12
Views
876
MediaFolSupport
M
Hensmon
Not a bug IP address bug - 'More Users' Issue
Replies
5
Views
1K
PaulB
PaulB
T
  • Question Question
XF 2.2 All users IP address showing up as server ip addresses where Xenforo resides on
Replies
7
Views
800
TechBill
T
Top Bottom