Sucuri WAF Fix?

  • Resolved shawaj

    (@shawaj)


    8 years, 1 month ago

    Hi,

    Noticed your plugin had an issue which was fixed in version 2.3.3 with how it got the wrong IP address when using a proxy like Cloudflare or Sucuri WAF.

    Can you let me know how you fixed it because I am having a similar problem with a different plugin?

    Thanks

    This is from your changelog:

    #### 2.3.3 – May 27, 2015

    **Fixes**

    – Get correct IP address when using proxy like Cloudflare or Sucuri WAF.

    https://wordpress.org/plugins/mailchimp-for-wp/

Viewing 1 replies (of 1 total)
  • Plugin Author Danny van Kooten

    (@dvankooten)

    8 years, 1 month ago

    Hi @shawaj ,

    Basically you need to look at the X-Forwarded-For HTTP header too, because that will be set when using a proxy like Cloudflare.

    Here’s the relevant part of our code. Part of it is abstracted away so you can’t use it as is, but it should give you a good idea.

    /**
 * Get the IP address of the visitor. Takes proxies into account.
 *
 * @return string
 */
public function get_client_ip() {
   $headers = ( function_exists( 'apache_request_headers' ) ) ? apache_request_headers() : $this->server->all();

   if ( array_key_exists( 'X-Forwarded-For', $headers ) && filter_var( $headers['X-Forwarded-For'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 ) ) {
      return $headers['X-Forwarded-For'];
   }

   if ( array_key_exists( 'HTTP_X_FORWARDED_FOR', $headers ) && filter_var( $headers['HTTP_X_FORWARDED_FOR'], FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 ) ) {
      return $headers['HTTP_X_FORWARDED_FOR'];
   }

   return $this->server->get( 'REMOTE_ADDR', '' );
}

    Hope that helps, good luck!

Viewing 1 replies (of 1 total)
  • The topic ‘Sucuri WAF Fix?’ is closed to new replies.

Tags