Support » Plugin: Login Security Solution » Works wrong behind reverse proxy

  • Resolved Dr.Bier

    (@drbier)


    Hi,

    It seems that plugin doesn’t check if WordPress is running behind reverse proxy. Reverse proxy address is stored in db since plugin uses REMOTE_ADDR value.

    I think that you need to change code in get_ip() function to:

    $real_ip = isset($_SERVER[‘HTTP_X_REAL_IP’]) ? $_SERVER[‘HTTP_X_REAL_IP’] : $_SERVER[‘REMOTE_ADDR’];
    if (empty($real_ip)) {

    Now it should correctly store real (external) ip of attacker, not proxy address.

    Best regards,
    Alexander

    http://wordpress.org/plugins/login-security-solution/

Viewing 3 replies - 1 through 3 (of 3 total)
Viewing 3 replies - 1 through 3 (of 3 total)
  • The topic ‘Works wrong behind reverse proxy’ is closed to new replies.