Correct IP reporting in legacy software / scripts

The plugin follows reverse proxy software proper handling of X-Forwarded-For headers and in this manner ensures IP reporting is correct in logs and applications. There are, however, some legacy applications that have yet to implement the standard. And so we have come up with a work around to make reporting of client IP addresses accurate. There are two options. The first one involves adding the code snippets to your application's entry path (ex: index.php or wp-config.php). The other option is to implement the change so it works on the whole server. We recommend the latter as it involves one change.

Per-application change

Insert the following PHP code at the top of your script's opening line (right after <?php):

if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
 $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
 $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
 $_SERVER['REMOTE_ADDR'] = $_SERVER['REMOTE_ADDR'];
}

Server wide change

1) Create and this content to file /usr/local/apache/htdocs/prepend.php with the following code:

<?php
if (!empty($_SERVER['HTTP_CLIENT_IP'])) {
 $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CLIENT_IP'];
} elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
 $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
 $_SERVER['REMOTE_ADDR'] = $_SERVER['REMOTE_ADDR'];
}
?>

2) Set the variable auto_prepend_file in /usr/local/lib/php.ini to the following:

auto_prepend_file = "/usr/local/apache/htdocs/prepend.php"

3) Restart Apache (service httpd restart)

  • 8 Users Found This Useful
Was this answer helpful?

Related Articles

Stop worpress wp-login.php brute force attacks with Varnish throttling (Rate Limit)

Version 1.8.4 of the cPanel Varnish Plugin has seen a new feature being introduced: the ability...

Varnish Plugin on Amazon AWS with Elastic IP or NAT

Here are the two short steps required to ensure licensing is setup properly so you're able to use...

vBulletin correct reporting of IP address

It's recommended to make the following changes to includes/config.php so vB doesn't report...

Why does the plugin change the server header?

Normally, if you download and install Varnish (the source not the plugin) yourself, the headers...