• Resolved Galfom

    (@galfom)


    It would be great if HTTP_X_FORWARDED_FOR was evaluated and there was an option to specify the number of upstream proxies which are trusted (this is needed, since users can add own spoofed/rubbish to that field but they obviously cannot influence trusted proxies in between).
    An approach like that is handy for todays common CDN + load balancers + custom infrastructures.

    In our current case for example I can work around the limitation of this feature partly by using the custom HTTP_CF_CONNECTING_IP header. However, due to data protection/legal reasons we are not allowed to serve our site through CloudFlare for EU users. So those users are routed differently. I don’t know how exactly but they reach us without the CF header but in this case would have the same trusted proxy count. Even better would be if you could also set a priority list of headers from which to take the IP.

    Not sure if it is worth it for you to implement it. We probably will not stick long with this plugin and will never be “pro” users but I thought I leave it as feedback in case you find it interesting ??

Viewing 1 replies (of 1 total)
  • Plugin Author Mostafa Soufi

    (@mostafas1990)

    Thanks for the feedback, but I believe this is a unique case, and implementing it may have some new side effects for most users.

    Then we can implement it as a custom service or adding an ability to modify that by an add_filter if you wish.

    • This reply was modified 3 years, 6 months ago by Mostafa Soufi.
Viewing 1 replies (of 1 total)
  • The topic ‘Evaluate HTTP_X_FORWARDED_FOR’ is closed to new replies.