Support » Plugins » [Plugin: Limit Login Attempts] Problem when using Varnish

Viewing 4 replies - 1 through 4 (of 4 total)
  • What web server do you use? Does your web server recognize forwarded ip? (on Apache, mod_rpaf should have been installed, enabled, and configured correctly)

    Does Varnish correctly forward the visitor’s IP via X-Forwarded-For header?

    Currently, something is wrong in the setup in such a way, any IP is recognized only as localhost. So, if someone else tried to log in to your site and locked out, then you are locked out as well, because this plugin doesn’t have a way to differentiate the IP addresses. There is nothing wrong with this plugin, though.


    Sorry about not replying earlier, I dont want to appear like I dont appreciate your response (I do)

    I’m using nginx, I thought that Varnish was correctly getting the X-Forwarded-for header stuff but maybe I was wrong.

    I’ve since changed it as apparently its not just the vcl_recv that needs to be changed, but I havent had a chance yet to test it (but the log files look ok)

    emandell would be very interested in how you fixed this. I am having the same issue with Varnish + nginx

    nope, the fix didnt work

    my log files are showing the correct ip address but Limit Login Attempts is always showing local host

Viewing 4 replies - 1 through 4 (of 4 total)
  • The topic ‘[Plugin: Limit Login Attempts] Problem when using Varnish’ is closed to new replies.