Website is Producing Wrong IP Address - php

I am working on a WordPress website and have the plugin WP Security installed. It tells me the current IP Address I am on when viewing the website. However the IP address it is producing isn't my correct IP address. I did the same thing on another WordPress website and it did produce the correct IP address.
The reason I'm trying to figure out the IP address is because someone entered their login credentials wrong 5 times. The website is set up so that when that happens it locks that person out of the website for an hour. Well, when this happened it didn't just block their IP address, but blocked our IP address and the client's IP address. And the IP address it said it was blocking was neither of ours.
What could be the reasoning for this single website to be grabbing the incorrect IP address and believing it belongs to us and our client?
EDIT: after looking into it a little more the IP address that is showing up on this website is through Liquid Web, our hosting provider. So it is showing that IP address instead of our current/local IP address.

"All" traffic is routed to your webserver via another server (CDN, Firewall, Nginx etc). Following a failed login attempt the WP plugin is blacklisting this intermediate servers IP address locking everyone out.
Typically PHP scripts get the visitor's IP from the REMOTE_ADDR environment variable, but depending on configuration (e.g. with an intermediate Nginx server) REMOTE_ADDR may contain the Nginx server IP, and the "real visitor" IP may be in HTTP_X_REAL_IP.
You can use this script to check which environment variable on your site contains the actual visitor IP.
It would be useful if you provided the link to the site from which you got the WP Security plugin.
Solution:
Ask your host provider to configure the servers so REMOTE_ADDR on your web server will contain the visitor's IP; or
If you know which environment var is valid (above), then the security plugin may have a setting to configure accordingly; or
Report it as a bug on the plugin's support forum.
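The header handling the answer describes, as an added example that is not from the answer or from the plugin: forwarded headers are read only when REMOTE_ADDR is one of your own proxies, because a direct client can send any X-Forwarded-For or X-Real-IP value it likes. The function name, the `$trustedProxies` list and the sample addresses are assumptions made for illustration.

```php
<?php
// Added example, not code from the WP Security plugin.
// $trustedProxies is an assumption: the addresses of your own proxy/CDN hops.

/**
 * Return the visitor IP. Forwarded headers are honoured only when the direct
 * peer (REMOTE_ADDR) is one of our own proxies.
 */
function resolve_client_ip(array $server, array $trustedProxies): string
{
    $peer = $server['REMOTE_ADDR'] ?? '';
    if (!in_array($peer, $trustedProxies, true)) {
        // Direct connection: any forwarded header was written by the client.
        return $peer;
    }

    // X-Forwarded-For is "client, proxy1, proxy2": each hop appends the peer
    // it saw. Walk from the right to the first address that is not ours.
    $chain = $server['HTTP_X_FORWARDED_FOR'] ?? '';
    if ($chain !== '') {
        foreach (array_reverse(array_map('trim', explode(',', $chain))) as $hop) {
            if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
                break; // malformed entry: stop reading the chain
            }
            if (!in_array($hop, $trustedProxies, true)) {
                return $hop;
            }
        }
    }

    // Single-value header, e.g. nginx "proxy_set_header X-Real-IP $remote_addr;".
    $real = trim($server['HTTP_X_REAL_IP'] ?? '');
    if (filter_var($real, FILTER_VALIDATE_IP) !== false) {
        return $real;
    }
    return $peer; // nothing usable: report the proxy rather than guess
}

// Constructed requests using documentation address ranges.
$proxies  = ['192.0.2.10'];
$viaProxy = ['REMOTE_ADDR' => '192.0.2.10',
             'HTTP_X_FORWARDED_FOR' => '198.51.100.7, 203.0.113.5'];
$spoofed  = ['REMOTE_ADDR' => '203.0.113.99',
             'HTTP_X_FORWARDED_FOR' => '127.0.0.1'];

// Through the proxy, the entry the proxy appended is used, not the left-most one.
echo resolve_client_ip($viaProxy, $proxies), "\n";
// A direct client cannot pick its own address by sending the header.
echo resolve_client_ip($spoofed, $proxies), "\n";
```

A lockout keyed on this value blocks the individual visitor rather than the shared proxy address that every visitor arrives from.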

Related

Local domain and "where are you in the network" checker

How to check if user is visiting site from our own local network or common internet.
Suppose somebody scans the QR code in our restaurant: it links to something which checks whether you are connected to the local network or opening it from the global internet (no idea how).
Local - redirecting to the local domain (no idea how I can do this either, e.g. restaurant.menu)
Global - redirecting to the global domain (e.g. menu.com)
You can check the IP of the customer and compare it with IP range of your network. If the customer IP falls in your range redirect the user to local site otherwise to your global site.
You can use $_SERVER['REMOTE_ADDR']; to get IP of user visiting the site from the QR code.
You can set up a DNS record for your local IP (external IP). The IPs mentioned in the comment, 10.100.109.10-256, are private IPs and not publicly accessible. These won't work; search on Google for "what is my ip" and I am sure you will get many options.
Once done, you can create a script which will get the user's IP address ($_SERVER['REMOTE_ADDR'];) and do a gethostbyaddr() lookup to get the hostname associated with that IP. If the hostname matches the one you have set, your visitor is from a local connection.
For the redirection to work, if your website is hosted on a server that is not in the same network as your router, then you need to have a public-facing domain name (i.e. restaurant.menu should be reachable publicly).
A second approach could be to redirect the traffic at the router level. If your router allows it, you can set up a redirection in the router itself. If it does not, you will need to set up a DNS server. In this DNS server you will specify the desired (local) IP address for the domain. Your router needs to have a backup DNS to keep resolving other domains.
These are hacks but if implemented correctly they will provide very predictable results.
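The range comparison suggested above, as an added example that is not part of the original answers: it matches REMOTE_ADDR against CIDR ranges for both IPv4 and IPv6 and returns the host to redirect to. The function names and the ranges are assumptions made for illustration; the two host names are the ones from the question.

```php
<?php
// Added example: the CIDR ranges are constructed, the host names are the
// two from the question. Not code from the original answer.

/** True when $ip lies inside $cidr (IPv4 or IPv6), e.g. "10.100.109.0/24". */
function ip_in_cidr(string $ip, string $cidr): bool
{
    [$net, $bits] = array_pad(explode('/', $cidr, 2), 2, null);
    $ipBin  = @inet_pton($ip);
    $netBin = @inet_pton($net);
    if ($ipBin === false || $netBin === false || strlen($ipBin) !== strlen($netBin)) {
        return false; // invalid input, or IPv4 compared against IPv6
    }
    $max = strlen($ipBin) * 8;
    if ($bits !== null && (!ctype_digit($bits) || (int) $bits > $max)) {
        return false; // malformed prefix length
    }
    $bits  = $bits === null ? $max : (int) $bits;
    $whole = intdiv($bits, 8);
    if (substr($ipBin, 0, $whole) !== substr($netBin, 0, $whole)) {
        return false;
    }
    $rest = $bits % 8;
    if ($rest === 0) {
        return true;
    }
    $mask = (0xFF << (8 - $rest)) & 0xFF; // leading bits of the partial byte
    return (ord($ipBin[$whole]) & $mask) === (ord($netBin[$whole]) & $mask);
}

/** Pick the host to redirect to from the address the web server saw. */
function menu_host_for(string $remoteAddr, array $localRanges): string
{
    foreach ($localRanges as $cidr) {
        if (ip_in_cidr($remoteAddr, $cidr)) {
            return 'restaurant.menu';
        }
    }
    return 'menu.com';
}

// A server inside the restaurant LAN sees private addresses; a server hosted
// elsewhere only ever sees the restaurant's public (NAT) address.
$localRanges = ['10.100.109.0/24', '203.0.113.40/32']; // constructed
foreach (['10.100.109.57', '203.0.113.40', '198.51.100.23'] as $ip) {
    echo $ip, ' -> ', menu_host_for($ip, $localRanges), "\n";
}
```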

Cloudflare IP Access to the Website DDOS Protection?

I just wonder if Cloudflare is protecting only the domain name accesses? Let's say I have a website mydomain.com and this domain has a dedicated IP, 192.168.1.1. If someone uses 192.168.1.1 in the browser, it is possible to access the website, and so the DDoS attack as well. In this case, will writing PHP code prevent direct-IP-access DDoS attacks? Like checking if the entered URL is a domain or an IP, and if it is an IP, show 403?
99.9% of DDoS attackers do not use the domain name to attack; they first check the DNS records of the domain and attack the website IP, especially if you have a dedicated IP assigned to the website. Even if you hide the main IP of the website by using Cloudflare nameservers, the MX and email IP DNS records are listed again, and they are your dedicated IP, which points to your website when you call that IP. This is the problem I'm trying to solve.
Cloudflare's DDOS protection is only useful if you hide the origin IP - the IP of your server. They have an article with tips on this. You'll want to point MX etc. records somewhere else and send mail from a different server, because you're right - it would reveal the IP of the server.
If your host supports it, you can also firewall off your server from any IP address that isn't in Cloudflare's range.

Get Real IP address using PHP website and block VPN IP ADDRESS

I created a website using PHP, and I want to block VPN IP addresses or IP-hiding programs in my login.
I see the ebay.com website can block VPN IP addresses or IP-hiding programs.
How do I write a PHP script to block VPN IP addresses or IP-hiding programs?
It's simple to implement:
if (in_array($_SERVER['REMOTE_ADDR'], $blocked_ips)) die("Go away!");
... but it requires a list of IPs you'd like to block. IP hiding works by using a proxy. There is no way to detect if a user is hiding their IP besides checking if traffic is coming from a known IP hiding service's IP. Where you might find such a list, I don't know, but that's the only way to go about this.

Why am I getting the error "4020 : Information received from an Invalid IP address." from SagePay?

This is a PHP (Zend Framework 1.11) site, not using an off-the-shelf package. When the request to:
https://live.sagepay.com/gateway/service/vspserver-register.vsp
(with a TxType of PAYMENT), I get the following response:
4020 : Information received from an Invalid IP address.
I have logged in to the SagePay admin area and added the IP address of the live server to the Valid IPs section and I've made sure it's using the correct SagePay URL to post to and.
An important note is that this issue started this morning, when we changed the SagePay account that payments get sent to, by changing the Vendor attribute.
Update: This same account (vendor) is used on other accounts with the Form integration method, but the site in question used the Server integration method. Can individual accounts support multiple different payment methods like this, or does one need to activate the other? I don't see any options relating to this in the admin panel.
After getting a response from SagePay I have found the following important notes:
You can use Form/Server/Direct integration interchangeably on the same vendor's account, without needing to change settings or register anything
The 4020 error genuinely is an IP restriction error and is not masquerading another error
The issue here was that the IP address of the web server (www.mysite.com), being on a VPS, turned out to not be the same address as the one used when curl requests were made. I made a test PHP page that mailed the IP in $_SERVER['REMOTE_ADDR'] to myself and put it on another server. I then used curl to grab that script and, lo and behold, it was a different IP. Putting (a zero-padded version of) this into the Valid IPs section in My SagePay control panel (logged in with the admin account), it sprang to life immediately.
Update
You can use:
curl icanhazip.com
Like so:
[user@host ~]# curl icanhazip.com
177.12.41.200
to display the correct IP to use, from the command line of the server you're hosting the web site on, instead of uploading files and all that malarkey. More information and usage here.
You have to add your IP address into SagePay control panel.
Other suggestions:
You can double-check your IP address at www.whatismyip.com and compare with what you added,
Make sure that your address didn't change since you added it (e.g. you have dynamic addressing),
Check if your Apache user is configured to use some different IP address,
We need to add the web server IP address to Sagepay. (???Correct me if I'm wrong here)
For more details:
Local environment:
1) In your local environment, you need to find your public IP:
dig +short myip.opendns.com @resolver1.opendns.com
curl icanhazip.com
curl ipecho.net/plain
Or using: https://www.whatismyip.com/
In this case, the web server ip address uses your public ip.
2) Dev, staging, live environments: log in to the web server. Use the commands above to find the IP address.
Then, log in to the Sagepay account: Settings > Valid IPs > Add the IP address
Fill in the IP address
(the Subnet mask mostly is 255.255.255.255)
I contacted Sagepay about this error, having already tried adding my IP as described in the other answers (this didn't help).
In my case they said the problem was missing internal IPs on the account on their end, nothing to do with where the request came from.
They added the IPs while I was on the phone and that sorted the issue.
If adding the server IP doesn't help it's well worth giving them a call.

Masking URL in Status Bar

I'm hosting my own website on my personal server running Ubuntu server. My public IP address is showing up in the status bar each time someone visits my sites or hovers over one of the links on the pages (i.e. when going to the home page it says waiting for myipaddress/index.php). I have purchased a domain name with GoDaddy. While I was able to find the option to mask the URL in the address bar in the admin page, I was able to find no such option for the status bar. Initially, I tried to embed JavaScript code into the PHP files but I later learnt from various posts (link) that we cannot control what is displayed in the status bar.
All I want to do is to display my domain name instead of my IP address each time the page loads and each time the user hovers over a link. Any ideas of how I should go about this?
You should just have your domain name point to your IP address and set up the site on your server to handle that domain. Then all requests will go to that domain name instead of directly to your IP address.
Note: it's very easy to find the IP address for any web server (based on a domain name) so you can't really hide it, but you can set it up so that it behaves just like any regular site that uses a domain name instead of an IP address.
Have you done anything to connect the webserver and the domain name? You're going to need name servers, often your domain provider will have something you can use, or you can run your own. The name server is like a phone book for websites. It says mydomain.com can be found at IP address 123.whatever. Until you have an entry in a name server 'phone book' you will not be able to access it through that domain name.
You'll also need to set up something on the web server so it will know what to serve when it gets a request pointed to that domain. If you're using Apache, it will likely be a virtual host entry in the appropriate config file.
