After successfully configuring the setup on Ubuntu12.04.5 [Visitor>Nginx>SSL Termination>Varnish3.0>Apache], I installed WHMCS and encountered an error, "The page isn't redirecting properly".
After searching online I followed those steps..
So I added following line in my concerned server block:
proxy_set_header X-Forwarded-Protocol $scheme;
And then I added following line in my .htaccess file:
if ($_SERVER['HTTPS'] !== on) {
SetEnvIf X-Forwarded-Protocol https HTTPS=on
It went well, stopped redirecting and I could access my admin panel over https.
Now while logging into WHMCS admin panel, I found that the IP tracking in WHMCS shows that visitor IP is 127.0.0.1 on the login page. Even though I have added following lines to my nginx server block:
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
Yet it seems the IP is not getting passed on and WHMCS is picking the proxy 127.0.0.1 coming from port 80 through varnish.
Can someone please advice how to configure server so that real IP is passed on & understood by Apache/WHMCS?
PS: I have tried but failed to implement Real IP Module
My nginx server block is shown below:
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
location / {
proxy_pass http://127.0.0.1:80;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header Host $host;
}
}
Also, I checked PHP Info into my WMCS and found the following:
Apache Environment
HTTP_X_REAL_IP - shows my CloudFlare DNS IP
HTTP_CF_CONNECTING_IP - shows my real IP
HTTP_X_FORWARDED_FOR - shows three IPs namely, my real IP, my CloudFlare DNS IP, 127.0.0.1
Maybe this could help to investigate the matter..
--
SV
I was looking for a solution while using WHMCS with cloudflare protection .. I've tried many solutions .. Never worked ..
I really want to thank Saurabh Vashist for sharing that solution .. After little editing on WHMCS Configuration file to put in :
if(isset($_SERVER['HTTP_CF_CONNECTING_IP']) &&
$_SERVER['HTTP_CF_CONNECTING_IP'] != '') {
$_SERVER["REMOTE_ADDR"] = $_SERVER['HTTP_CF_CONNECTING_IP'];
} else {
$_SERVER["REMOTE_ADDR"] = $_SERVER['REMOTE_ADDR'];
}
The real Visitor IP's now appears again ..
Thank you very much for sharing guys ..
After searching left & right, ultimately landed answers from WHMCS Support & CloudFlare Module.
Although my CloudFlare module is still not working but temporarily I have been able to resolve the Real IP issue by adding all CloudFlare IPs to trusted proxy list in WHMCS security settings.
Still got no idea why mod_cloudflare is not able to supply correct IP to the Apache server :(
Add this code to your configuration.php:
if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR'] != '') {
$ip_address = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
$ip_address = $_SERVER['REMOTE_ADDR'];
}
Or try:
if(isset($_SERVER['HTTP_CF_CONNECTING_IP']) && $_SERVER['HTTP_CF_CONNECTING_IP'] != '') {
$ip_address = $_SERVER['HTTP_CF_CONNECTING_IP'];
} else {
$ip_address = $_SERVER['REMOTE_ADDR'];
}
Related
I'm using Siteground's nginx based dynamic cache reverse proxy which serves requests and static file using it, i want to get the IP address of the visitor but im unable to get anything there's nothing even shown while print_r($_SERVER).
Here is what i tried.
$hostname = gethostbyaddr(trim($_SERVER['HTTP_X_REAL_IP']));
$hostname = gethostbyaddr(trim($_SERVER['REMOTE_ADDR']));
If someone can help?
You have to set configurations on your reverse proxy in order to forward the real IP address to your web server.
For example using Nginx, you can set headers like this :
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
Here, the X-Real-IP will provide you the real IP address on your backend server.
You must refer to the documentation of the reverse proxy software you're using (apache, nginx, etc..) for more information.
I have a Symfony 3.2 application (running on port 8443) using FosUserBundle. When anonymous users access 'https://[myurl].com:8443', they are redirected to 'https://[myurl].com:8443/login' for the login process. This redirection is working fine when accessing the application but now, we want to use a reverse proxy to forward the requests from customers to the application. Customers would use standard https port 443.
What happens is the following : Users access the application with 'https://myurl.com'.
The request is forwarded by the reverse proxy to the web server (IIS) hosting the application on port 8443.
The user making the request is redirected to 'https://myurl.com:8443/login' which does not work because 8443 is only opened server-side.
I tried different solutions in symfony but was not able to make it work :
-set up the reverse proxy in symfony : Request::setTrustedProxies(array('123.456.78.89'));
-set http_port/https_port in config.yml
-set $_SERVER['SERVER_PORT'] = 443;
Any idea on how can I solve this ?
Thanks
In addition to #Gor I think you should also configure your proxy to add X-Forwarded headers. In Nginx something like
location / {
proxy_pass http://myurl:8443;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
}
Open the following file:
web/app.php
Right after this line:
$request = Request::createFromGlobals();
Insert this block:
// tell Symfony about your reverse proxy
Request::setTrustedProxies(
// the IP address (or range) of your proxy
['192.0.0.1', '10.0.0.0/8'],
// trust *all* "X-Forwarded-*" headers
Request::HEADER_X_FORWARDED_ALL
// or, if your proxy instead uses the "Forwarded" header
// Request::HEADER_FORWARDED
// or, if you're using AWS ELB
// Request::HEADER_X_FORWARDED_AWS_ELB
);
See:
"How to Configure Symfony to Work behind a Load Balancer or a Reverse Proxy"
http://symfony.com/doc/3.4/deployment/proxies.html
I'm running a service in localhost at 127.0.01:8000
and I'm proxying this by using:
proxy_pass http://127.0.0.1:8000;
Problem is that I need to pass the user's IP address to the service.
Any ideas?
I send the real IP to django by setting a custom header:
proxy_set_header X-Real-IP $remote_addr;
Those headers are available in request.META
See http://wiki.nginx.org/HttpRealIpModule
I have a reverse proxy pointing to a google appengine api. The api is a shared service layer so I point multiple sites to it via reverse proxies.
mysite1.com > myapp.appspot.com
mysite2.com > myapp.appspot.com
The problem is, in the php script on app engine I'm unable to access the original host name. If I look at the $_SERVER vars all I see is myapp.appspot.com, where I'd like to see mysite1.com
I tried setting the proxy header Host to the main site url and it breaks app engine. Is there a way to get the proxying url from app engine?
I have solved this using nginx:
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
You can then grab the X-Forwarded variables from the $_SERVER array as per the usual in PHP.
I have an established site that I want to make chat client for. I want to write it all myself for fun and to learn a little about node.js and express. Right now I have a chat system based on jQuery/PHP/MySQL and polling with ajax. It is slow and I only poll every 5 seconds so it looks slow too.
I can write the chat in node.js, but my question is: How can I include my chat in the my oldschool pages. I want it to be a box that is at the bottom corner of all my pages. I am not concerned with the css, only how to integrate it. Should the chat live at it's own domain (chat.example.com) and just allow cross site access?
Here is a reference to the Access Control Headers.
https://developer.mozilla.org/en-US/docs/Web/HTTP/Access_control_CORS
If your PHP app is running say behind nginx. You could set up a route in nginx that forwards those requests to the chat server.
Here is an example:
upstream app_chat {
server 127.0.0.1:8080;
}
server {
listen 0.0.0.0:80;
server_name www.mydomain.com mydomain;
location /chat {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://app_chat/;
proxy_redirect off;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
}
}
So from your client js
var sock = io.connect('ws://mydomain/chat');
sock.on('chat', function (msg) {
console.log('msg', msg);
});
Yes, you can. I don't know how complex your app is. But, running a node server on a different port will do.
Lets say your PHP app runs on port 80. Now, run your node.js server which handles the chat system on 8080. Then in your PHP page, include a JS file(chat.js).
chat.js
var connection = io.connect('YOUR_NODE_SERVER_URL'); //like http://localhost:8080
/*
your code
*/
That's it.