mdshack Posted January 11 Report Posted January 11 Hey all! Ran into this issue on my Blesta installation with 2 proxies sitting in front of my install. Essentially the proxy handling (check the "behind a proxy" flag in the settings) will store the forwarded IP, but it will store the whole string. This is problematic because this will often result in varchars that exceed the max size of the "ip_address" columns throughout the platform. Many proxies (that I have used) will prepend the most confident result, resulting in a header that looks something like `127.0.0.1, 127.0.0.2, 127.0.0.3`, and the proxy believes `127.0.0.1` to be the true client IP. I handled this in my install like this: `src/core/ServiceProviders/Requestor.php` private function getIp($container) { ... $split = explode(",", $_SERVER['HTTP_X_FORWARDED_FOR']); // split header by ',' return ($forwarded && count($split) ? trim($split[0]) : $ip); // return the first element of split if possible } Quote
Paul Posted January 13 Report Posted January 13 We have a task here to update this in 5.12 https://dev.blesta.com/browse/CORE-5194 I'll note your recommendation in the task for our developers to review. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.