Client IP being cahed

I note that my security software gets the correct ip addresses using x-forwarded-for , yet the gravity forms which uses the standard

$_SERVER['REMOTE_ADDR'];

seems to be getting the wrong results.

I have tried entering the following into my wp-config file, as it seemed to be the most logical approach, but still no joy…

if ( ! empty( $_SERVER['HTTP_X_FORWARDED_FOR'] )
     && preg_match( '/^\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}$/',
                     $_SERVER['HTTP_X_FORWARDED_FOR'] ) )
        $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_FORWARDED_FOR'];

I am not sure if it is the CDN or The caching settings that cause the issue. either way, it would be great to get to the bottom of it as my limited knowledge has come to a dead end.

Thanks.

Any ideas about this one – I’m really keen to get this working and have tried everything I can to no avail – just currently it seems to be stuck on the site host’s server IP as the Client IP which is obviously wrong.

Thanks in advance for any help here.

So if i am understanding Gravity Forms is incorrectly getting the IP address since it is only relying on REMOTE_ADDR and not checking for HTTP_X_FORWARDED_FOR? If so then it doesnt sound like a w3tc issue but a flaw in Gravity Forms.

Have you tried moving your code you had in wp-config into your functions.php file and applied the appropriate action/filter? For example here is what i wrote:

add_action('wp','my_init',0);

function my_init()
{
    $_SERVER['REMOTE_ADDR'] = get_ip_address();
}

function get_ip_address() {
    $ip_keys = array('HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR');
    foreach ($ip_keys as $key) {
        if (array_key_exists($key, $_SERVER) === true) {
            foreach (explode(',', $_SERVER[$key]) as $ip) {
                // trim for safety measures
                $ip = trim($ip);
                // attempt to validate IP
                if (validate_ip($ip)) {
                    return $ip;
                }
            }
        }
    }
    return isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : false;
}

function validate_ip($ip)
{
    if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_IPV4 | FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) === false) {
        return false;
    }
    return true;
}

Hi Kimberly,

Thanks for taking the time to look at this –

I haven’t tried entering it as a filter, will give this a go and see if it can fix it

RE it being Gravity forms, I don’t think this is the case as I did a test on a non Gravity forms page using this php code and still get the same incorrect IP address

<?php

function getIp() {

 $ip = $_SERVER['REMOTE_ADDR'];

 if (!empty($_SERVER['HTTP_CLIENT_IP'])) {

 $ip = $_SERVER['HTTP_CLIENT_IP'];

 } elseif (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {

 $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];

 }

 return $ip;
}
$ip = getIp();

$ip2 = $HTTP_SERVER_VARS['HTTP_X_CLUSTER_CLIENT_IP']; 

echo $ip;
print "</br>";
echo $ip2;
$ip3 = $_SERVER['REMOTE_ADDR'];
$ip4 = $_SERVER['HTTP_X_FORWARDED_FOR'];
$ip5 = $_SERVER['HTTP_VIA'];
$ip6 = $_SERVER['HTTP_CLIENT_IP'];
echo $ip3;
print "</br>";
print "IP4 is $ip4";
print "</br>";
print "IP5 is $ip5";
print "</br>";
print "IP6 is $ip6";
print "</br>";

?>

(however, I did a test with this code on a page outside of wordpress and it works fine) you can see this working correctly here …

https://www.solosails.com/test.php

I’ll give your suggestion a go and see if it works!

Hi Kimberly,

I tried putting your code in the theme’s functions and removing my code from the wp-config –

refreshed the total cache and I did indeed get the correct IP, HOWEVER, I then restarted my router to get a new IP assigned from my ISP, which was fine, but on my website I’m still seeing the previous IP as if it were cached…?

IE it is not updating with a new client IP, it’s just reporting the last one that successfully was registered?

I think I’ve discovered the problem area, I switched off page cache and the Client IP’s are now live for every change of IP address …

So,…. what to add or change in W3 Total Cache settings for page cache to ensure client IP addresses don’t get cached?

If anyone can solve this, I’ll buy them a virtual pint! Thanks!

Ah, I can see there is this option which seems a likely culprit, but it is unchecked and greyed out!???

Reject HEAD requests: Disable caching of HEAD HTTP requests
If disabled, HEAD requests can often be cached resulting in “empty pages” being returned for subsequent requests for a URL.

Yep – definitely page cache is the culprit.

Makes no difference if I have disk basic or disk enhanced enabled, WP only prints live IP results with page cache turned off.

Curiouser and curiouser …

I have just looked at some of the entries and can see that the IP recorded in the form is actually different to the IP recorded in the Gravity forms back-end details –

So, the form’s IP field has a different IP to the Admin details of the user (which are correct)

This is stopped by turning off page cache – so what could be causing this? Any ideas anyone!? Thanks

So, this is the response from Gravity forms when asked what calls/queries Gravity forms use that might need white listing – if anyone can make a useful observation on what might be the issue and what can be added to W3 in order to stop this IP caching, I would REALLY appreciate it because at present the only way I can get around this is to add the form page to the list of pages not to cache which is not a good solution .. Thanks in advance

the plugin uses the first ip it finds when retrieving the values from the HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR and REMOTE_ADDR headers in the $_SERVER super global. So you will want to prevent the caching for any of these. Also excluding the POST request using to submit the form data is a good practice too.

Any ideas what and where to add the above to make sure they never get cached anyone? Hopefully it is that simple! Thanks

This is how i have solved it (added to theme’s function.php)

add_action( 'gform_pre_submission', 'pre_submission_handler' );

function pre_submission_handler( $form ) {
    for($c=0; $c<count($form["fields"][$c]); $c++) {
        if ($form["fields"][$c]["defaultValue"] == "{ip}") {
            $id = $form["fields"][$c]["id"];
            $_POST['input_' . $id] = $_SERVER["REMOTE_ADDR"];
            break;
        }
    }
}

my form is ajax, not sure if it will help for plain forms

Hi dmitry.matora,

Thanks for taking the time out to post this ! I’ll give it a go. My form is ajax enabled, so hope it might work.

Thanks again!

Hi Dmitry.matora

I tried this, unfortunately it does not stop the caching of the IP, the only thing I can do to get a reliably ‘Live’ IP, is to set the page with the form not to cache – but there MUST be some query string or something that could just ensure that the call for IP isn’t cached in the form?