Hi @getspace @mojamba
AIOS uses WordPress request to fetch the user IP address If it is getting 127.0.0.1 as user IP address. Please cross check you have correct IP detection settings set WP Security > Settings > Advanced settings tab.
https://developer.wordpress.org/reference/classes/requests/
If it has any error still it is going to work there is no functionality issue.
We are going to check in more detail as 4 seconds time seems enough for a request to finish.
Regards
My settings seem fine and the error message doesn’t reference any IP address. It reads:
“AIOS_Helper::request_remote exception – cURL error 28: Operation timed out after 4000 milliseconds with 0 out of 12 bytes received”
Hi @mojamba
Right now AIOS_Helper::request_remote is called when try access the one of the IP look up service, http://api.ipify.org/ , http://ipecho.net/plain etc.
It is called only if the $_SERVER ip detection method gets the blank 127.0.0.1 or ::1 as IP address. can you please send me screen shot regarding the IP detection here ?
Regards
A screenshot showing what, exactly? For what it is worth, I use Cloudflare. It detects my IP (in the advanced settings screen) just fine (via Cloudflare and via ipify v4 and v6).
Hi @mojamba
I was asking screenshot for IP Detection settings as below to make sure you have correct option selected for cloudflare it will be HTTP_CF_CONNECTING_IP https://snipboard.io/zeImMq.jpg
Go to WP Security > Brute force > Login whitelist tab. Your current IP address showing correct as per https://whatismyipaddress.com/
Regards
OK. I had it set to REMOTE_ADDR, which based on the informational text provided on that screen is said to be “the most secure setup, because when set correctly it is immune from being spoofed by an attacker.” It also correctly identifies my IP address so it seems like it should be the proper choice. Or is the wording incorrect and/or unclear?
-
This reply was modified 5 months, 3 weeks ago by
mojamba.
Hi @mojamba
If REMOTE_ADDR is giving correct IP address it should be used. It can not be substituted by changing an HTTP header so what written information is correct and should be used.
Regards
getting the same errors starting with version 5.1.6
AIOS_Helper::request_remote exception – cURL error 28: Operation timed out after 4001 milliseconds with 0 out of -1 bytes received
PHP Warning: file_get_contents(http://api.ipify.org/): Failed to open stream: Connection timed out in /var/…../wp-content/plugins/all-in-one-wp-security-and-firewall/classes/wp-security-helper.php on line 180
using it for years never had a single error
-
This reply was modified 5 months, 3 weeks ago by
martix.
@martts
AIOS uses WordPress request to fetch the user IP address If it is getting 127.0.0.1 as user IP address. Please cross check you have correct IP detection settings set WP Security > Settings > Advanced settings tab.
https://developer.wordpress.org/reference/classes/requests/
We are working on to ignore the exception “AIOS_Helper::request_remote exception – cURL error 28: Connection timed” so upcoming version will not have this logged.
Also PHP Warning: file_get_contents might be issue of http://api.ipify.org/ the server requested time out generally it works.
Hi @getspace @martts @mojamba
We have ignored the time out exception as an solution. can you please download from below link AIOS plugin and upload it as new plugin from Plugins and replace with existing and it should solves the issue and do not log such exception.
all-in-one-wp-security-and-firewall.zip (dropbox.com)
I have it on all my sites so I will just manually update a couple of them and see and wait for proper release of next version for the rest. But, one question occurs to me: if your solution is to just not log the timeout, there is still a large (4s) timeout occurring. Is that slowing render of the page for users?
