QUIC.cloud allowlist

Hi @martal, thanks for getting in touch.

Take note of your own IP – (note that this detection can sometimes not be 100% accurate on cellular phone network connections): https://www.whatsmyip.org

Head over to Wordfence > All Options > General Wordfence Options > How does Wordfence get IPs and reference the area under that section that says Detected IPs and Your IP with this setting. You’ll most likely need to set?Use the X-Forwarded-For HTTP header. Only use if you have a front-end proxy or spoofing may result. here to match your IP. Then add the IPs you spoke of as “trusted proxies” in the IP detection settings: https://www.quic.cloud/ips

Thanks,
Peter.

Peter, thanks for that.

But I’m a little confused on the IP from whatsmyip. This is the gateway to my ISP, yes? Not using a proxy or VPN. How does it relate to the IP of the website I have hosted elsewhere?

Martin

Hi @martal,

It relates because we need to check whether your host is sending visitor IPs through to your site correctly and that the correct Wordfence setting to detect that is set. If a proxy, load-balancer or other server is being detected as the visitor IP rather than yours, it’ll mean a block for one user will block everybody trying to access the site.

Thanks,
Peter.

?Hi Peter

When I use X-Forwarded-For, I get a Wordfence error:

Your ‘How does Wordfence get IPs’ setting is misconfigured. This site is currently using the X-Forwarded-For HTTP header, which should only be used when the site is behind a front-end proxy that outputs this header. This site appears to be behind a front-end proxy, so using the X-Real-IP HTTP header will resolve to the correct IPs. Click here to use the recommended setting or visit the options page to manually update it.

The recommended setting is the X-Real-IP.

Just to confirm:

Set to X-Real-IP, my ISP gateway IP (whatsmyip confirms) is revealed. And I put that plus the quic allowlist into the trusties proxies list.

Thanks

Martin