#1745 - Make available config option for registering real IP within Composr when using CloudFlare instead of CloudFlare's IP

  • By
  • Added
  • 3 views
Identifier #1745
Issue type Feature request or suggestion
Title Make available config option for registering real IP within Composr when using CloudFlare instead of CloudFlare's IP
Status Closed (rejected)
Handling member Chris Graham
Addon core
Description Those who use Composr on web hosting sites that do not offer mod_cloudflare run into an issue when they want to use CloudFlare to secure their site. CloudFlare IPs are used in Composr instead of real visitor IP. So why not allow a configuration option so that when check-boxed, real IPs are displayed instead of CloudFlare's.
Steps to reproduce

Additional information I have temporarily added the following within the get_ip_address() function of sources/config.php , which seems to work in revealing real IPs:

if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
$_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}

It was added after the end of the if condition "if ((get_value('cloudflare_workaround')==='1') && (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) && (isset($_SERVER['REMOTE_ADDR'])))" (but not within it). Specifically, line 993 on my installation.
Funded? No
The system will post a comment when this issue is modified (e.g., status changes). To be notified of this, click "Enable comment notifications".

Rating

Unrated