Hello,
So i have a wordpress-based website and within it, the WHMCS 7.1.2 core installation.
The issue is that when a clients purchases a product within the WHMCS cart, the purchase is logged with Cloudflare server's ip instead of the client's real ip adress. I want it to show the real ip at least inside WHMCS.
Pretty much whenever anybody visits my website and its sub-domains, their real ip is masked and replaced with Cloudflare's.
I've found that it is possible to reverse the ip by using this php code:
<?php if (isset($_SERVER['HTTP_CF_CONNECTING_IP']))
$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
?>
But i don't know how to add it to WHMCS or if there's any other way to reverse the ip?
I would really appreciate if anybody could please guide me on how to do this.
Regards.
WHMCS has settings for such service, called Trusted Proxies, check documentation for Trusted Proxy Settings
Basically, from Setup > General Settings > Security Tab:
Set Proxy IP Header to X_FORWARDED_FOR
Add IP address to Trusted Proxies. This is the tricky part, since you need to add CloudFlare IPs
Related
I have created a web app through azure that entirely depends on a users location to give them the correct data e.t.c. It's an app that recommends places to go locally.
I'm using azure, cloudflare and codeigniter as the frame work.
I'm really getting stressed out, as when i'm home, i'm getting the right location, but the second i go on my website anywhere else, it never gets the accurate information.
When cheking the header $_SERVER['HTTP_CF_CONNECTING_IP']; i seem to be getting an ipv6 address, when i go to ipdata.co, their site loads my ipv4 address which gives exact accurate information. But when i enter the address from $_SERVER['HTTP_CF_CONNECTING_IP']; it gives me city null and every other option as null
does anyone have any suggestions on how to get the users IPV4 address through cloudflare and azure?
Or any suggestions on other ways to do this? It's prolonging the launch of my website.
I am pretty new to understand geo-location and ip addresses and all that, so please bare that in mind.
Thanks
The reason that you are getting IPV4 address from your home and IPv6 from somewhere else as by default, Cloudflare provides free IPv6 support to all domains without requiring additional configuration or hardware. If your origin web server is not compatible with IPv6, Cloudflare allows toggling IPv6 Compatibility to Off. You can disable the IPV6 Compatibility to Off from cloudflare.
Reference: https://support.cloudflare.com/hc/en-us/articles/229666767
Cloudflare put into this header whatever the connecting client IP is, so they really have little control over what the user-agent decides to do.
Also check if your network has ‘good’ IPv6 connectivity, or are you getting sub-optimal routing compared to IPv4.
Check this link for additional reference.
http://www.webhostingtalk.com/showthread.php?t=1692173
I am working on a WordPress website and have the plugin WP Security installed. It tells me the current IP Address I am on when viewing the website. However the IP address it is producing isn't my correct IP address. I did the same thing on another WordPress website and it did produce the correct IP address.
The reason I'm trying to figure out the IP address is because someone entered their login credentials wrong 5 times. The website is set up so when that happens it locks that person out of website for an hour. Well when this happened it didn't just block their IP address, but blocked our IP address and the clients IP address. And the IP address it said it was blocking was neither of ours.
What could be the reasoning for this single website to be grabbing the incorrect IP address and believing it belongs to us and our client?
EDIT: after looking into it a little more the IP address that is showing up on this website is through Liquid Web, our hosting provider. So it is showing that IP address instead of our current/local IP address.
"All" traffic is routed to your webserver via another server (CDN, Firewall, Nginx etc). Following a failed login attempt the WP plugin is blacklisting this intermediate servers IP address locking everyone out.
Typically php scripts gets the visitors IP frome the REMOTE_ADDR environment variable: but depending on configuration with e.g. intermediate Nginx server REMOTE_ADDR may contain the nginx server IP; and the "real visitor" IP may be in HTTP_X_REAL_IP
You can use this script to: check which environment variable on your site contains the actual visitor IP.
It would be useful if you provided the link to the site from which you got the WP Security plugin.
Solution:
Ask your host provider to configure servers so REMOTE_ADDR on your web server will contain visitors IP; or
If you know which environment var is valid (above); then the security plugin may have a setting to configure accordingly; or
Report as a bug on plugins support forum.
This is a PHP (Zend Framework 1.11) site, not using an off-the-shelf package. When the request to:
https://live.sagepay.com/gateway/service/vspserver-register.vsp
(with a TxType of PAYMENT), I get the following response:
4020 : Information received from an Invalid IP address.
I have logged in to the SagePay admin area and added the IP address of the live server to the Valid IPs section and I've made sure it's using the correct SagePay URL to post to and.
An important note is that this issue started this morning, when we changed the SagePay account that payments get sent to, by changing the Vendor attribute.
Update: This same account (vendor) is used on other accounts with the Form integration method, but the site in question used the Server integration method. Can individual accounts support multiple different payment methods like this, or does one need to activate the other? I don't see any options relating to this in the admin panel.
After getting a response from SagePay I have found the following important notes:
You can use Form/Server/Direct integration interchangeably on the same vendor's account, without needing to change settings or register anything
The 4020 error genuinely is an IP restriction error and is not masquerading another error
The issue here was that the IP address of the web server (www.mysite.com), being on a VPS, turned out to not be the same address as the one used when curl requests were made. I made a test PHP page that mailed the IP in $_SERVER['REMOTE_ADDR'] to myself and put it on another server. I then used curl to grab that script and low and behold it was a different IP. Putting (a zero padded version of) this in to the Valid IPs section in My SagePay control panel (logged in with the admin account) it sprung to life immediately.
Update
You can use:
curl icanhazip.com
Like so:
[user#host ~]# curl icanhazip.com
177.12.41.200
to display the correct IP to use, from the command line of the server you're hosting the web site on, instead of uploading files and all that malarkey. More information and usage here.
You have to add your IP address into SagePay control panel.
Other suggestions:
You can double-check your IP address at www.whatismyip.com and compare which what you added,
Make sure that your address didn't change since you added it (e.g. you have dynamic addressing),
Check if your Apache user is configured to use some different IP address,
We need to add the web server IP address to Sagepay. (???Correct me if I'm wrong here)
For more details:
Local environment:
1) In your local environment, you need to find your public IP:
dig +short myip.opendns.com #resolver1.opendns.com
curl icanhazip.com
curl ipecho.net/plain
Or using: https://www.whatismyip.com/
In this case, the web server ip address uses your public ip.
2) Dev, staging, live environments: log in to the web server. Using the commands above to find the IP address.
Then, login to Sagepay account: Settings > Valid IPs > Add the IP address
Fill the IP address
(the Subnet mark mostly is 255.255.255.255)
I contacted Sagepay about this error, having already tried adding my IP as described in the other answers (this didn't help).
In my case they said the problem was missing internal IPs on the account on their end, nothing to do with where the request came from.
They added the IPs while I was on the phone and that sorted the issue.
If adding the server IP doesn't help it's well worth giving them a call.
I'm a user of a certain forum, but recently my IP adress has been being blocked.That's not my fault but some users probalbly broke the rule and his ISP or IP address is same or close to mine, so I was enmeshed.
I rent a web server, so now I try to post comments to the forum from my server, but it fails.
When I post a comment using a form in the site, the error says that the referer was wrong.
I tried header() function using PHP but it doesn't work.
I tries to change referer but still it doesn't work.
I think if I could have a client in my web server, the IP and host change in posting comments, without changing referer information.But I don't know how to do this.
The restriction is temporary, maybe a few weeks, so I don't necessarily need a perfect and permanent solution.
Is there any ways to solve this problem?
If they're blocking you based on IP address, then it's the web IP address of your local network that they're blocking. If they've decided to block a range of IPs then you have a larger problem depending on your host.
A few things you can try:
Chances are (unless this is a work account) that you're using a dynamic ip address from your host. A lot of work accounts use a dynamic IP too, but you would need access to the modem (since you're probably not the corporate network administrator). Sometimes to get a new IP address from a completely different range by unplugging your cable or DSL modem and plugging it back in after about 30 seconds. Most electronics clear instantaneously (unless they have an onboard battery backup), but in the case of network components they purposely build in a few seconds of wait time in DHCP servers before providing a completely different IP address. Usually when I'm having a problem on my local network or doing an upgrade and unplug my modem after about 10 minutes of work when I plug my modem back in I have a new IP so I have to go through all of the trouble of re-whitelisting myself everywhere (so I know this works).
You could try connecting to the boards through your cell phone if you can tether your cell phone to your workstation or desktop. This will provide you with an IP address through the cell phone carrier's network (Note: it might violate the TOS).
You could do as #Bergi suggested and use a proxy. Some web browsers (like Opera) allow you to specify a proxy in the browser without forcing all of your desktop traffic to a different network. You can obtain a proxy server address from several resources, but this is one of my favorites. Be sure to use an HTTPS proxy in order to have the best defense against someone packet filtering and catching your credentials. People can still capture the initial handshake for SSL and decrypt your communications (so make sure this is what you want to do.)
You can try to force inject headers into the message board and make your server post for you. Good forum software will check the referrer and the user_agent to see if you are a "real person" (however real the programmer felt you needed to prove). If there is a CAPTCHA you will need to be able to see the image, hear the sound, or use a plug-in to break it. (This will require research). Chances are your web server is using a static IP, so there is nothing to prevent the board from blocking this one as well. (You will not be able to change it.) If the web host has strict guidelines about using their servers for this sort of thing it might *cost you your account*. I will not provide an example for this on this board. But you can check out a book called WebBots, Spiders, and Screen Scrapers.
I have a small web function that should run only when the user is in the office . But the problem is that our internet provider changes its IP regularly and i cant keep track of it. We have windows 7 systems in our office and they dont have any static IP. I cant even set a static IP as it will hamper the internet provider settings and will stop connecting to internet. Im stuck now. Is there a way with which i can make sure that a person is in office only when he is using that function?
The surest way is to ID using MAC adresse since IP can be changed, MAC address is harder to spoof and does not change. It is the "serial number" of the network card. So unless they take the card home, they won't be able to access it. Have a read at
this post
You could use dyndns to get the current ip.
Dynamic dns allows ypou to redirrect a host name to a dynamic ip.
So if you get a request from a unkown ip or more then x seconds have passed since the last request you can use gethostbyname to retrive the offic ip.
Free Dynamic DNS:
http://www.dnsdynamic.org/
Getting the IP:
$ip = gethostbyname('http://sample.dnsdynamic.org/');
One way to do it would be to set up the server so it exposes 2 services - 'A' with the "special office-only function" available, and 'B' without.
Then, set up the network security so that Service A is only accessible over a VPN tunnel from your office.
--
An alternative approach might be to use PKI - get the office computers installed with certificates that are required to access the Service A functionality. However, while complicated, it is still possible for users with sufficient authority and knowledge to copy the certificate and install it at home.
If your users aren't nerds, you can set a special cookie in the office computers, and check against that every time the user accesses the application.
(If your users know to to set and unset cookies, that would fail, as they would simply copy this behavior to their home).
Also, there should still be a specific range of IPs when connecting from the office (even if the IP changes), sample a few IPs and check for a recurring pattern.
Provide your office user with some kind of token, after they authorize. Then use the token to determine if access is granted or not.
The token can be stored in a cookie on the the office users computer, so authorization is done only once.
If you have an access to office network - you may try to config your server, which gives an access to the internet, so it will add some token (cookie?) to all requests (sent to your server). And you will check it in your code.