• Resolved MartoEporedia

    (@martoeporedia)


    Hi, ip blocking can’t get the correct IP, i’ve tried all the options.
    My server is behind an AWS load balancer and a reverse proxy, i need to use x-forwarded-ip, in the configuration page i see the correct IP, but in the “live traffic” all the IPs are of the instances of the reverse proxy (these instances are in an autoscaling group, i can’t add IP in the trusted proxies).
    https://imgur.com/tKJdHvZ bold detected IP is the same of “Your IP with this setting”

    https://imgur.com/i7xyrcA these are all IPs of proxies in autoscaling group.

    Thank you

Viewing 7 replies - 1 through 7 (of 7 total)
  • Plugin Support wfpeter

    (@wfpeter)

    Hi @martoeporedia, thanks for reaching out to us.

    I think it would be best to understand the server environment you’re running on and see if any other site communication is failing due to the improper detection of visitor IPs.

    Can you send a diagnostic report to wftest @ wordfence . com? You can find the link to do so at the top of the Wordfence > Tools > Diagnostics page. Then click on “Send Report by Email”. Please add your forum username where indicated and respond here after you have sent it.

    NOTE: It should look as follows – Screenshot of Tools > Diagnostic > Send by Email

    Thanks,

    Peter.

    Thread Starter MartoEporedia

    (@martoeporedia)

    Thank you @wfpeter,
    I’ve sent the diagnostics.

    Today 2 IPs are correctly, only 2.

    Plugin Support wfpeter

    (@wfpeter)

    Hi @martoeporedia,

    X-Forwarded-For is correctly reporting what I believe to be your visitor IP, although as you mention is including 2 in this section. One of these appears to be related to your server or related servers/load-balancers/etc. on your host.

    If you are not the server administrator, I would reach out to your hosting support and request that the visitor IP is exclusively sent to one of your IP detection methods. Once only 1 IP can be seen, your visitor IPs should detect properly in Wordfence.

    Thanks,

    Peter.

    Thread Starter MartoEporedia

    (@martoeporedia)

    Same connection, same user, in configuration i can see the right IP (I use x-forwarded-for for all my logs), the firewall plugin see wrong IP. It seems using two different methods…

    • This reply was modified 2 years, 11 months ago by MartoEporedia.
    Plugin Support wfpeter

    (@wfpeter)

    Hi @martoeporedia,

    If you keep “X-Forwarded-For” as your detection method, then add 172.31.26.221 to the “+Edit Trusted Proxies” link below the IP detection section, this should ensure that Wordfence only reads the visitor IP and not the secondary address being sent over.

    However, if the IP above is not consistent and a different one is sent with the visitor IP at different times, you will need to contact your host for a range to input into the trusted proxies.

    Thanks,

    Peter.

    Thread Starter MartoEporedia

    (@martoeporedia)

    Proxies are in an autoscaling groups and in the second image it get public ip not the local

    Plugin Support wfpeter

    (@wfpeter)

    Hi @martoeporedia,

    I would also recommend changing Live Traffic to report SECURITY ONLY rather than ALL TRAFFIC, which can be found in the “Live Traffic Options” section of the Live Traffic page as you don’t necessarily need to store information about 200 OK response codes.

    Please let me know the current situation with visitor IPs and whether that is working correctly for you. If there’s any confusion on my side because you’ve had to obscure IPs in your original screenshots, please feel free to send those privately to us to wftest @ wordfence . com. Please add your forum username to the subject line and respond here after you have sent it.

    Thanks,

    Peter.

Viewing 7 replies - 1 through 7 (of 7 total)
  • The topic ‘Can’t get right IP’ is closed to new replies.