lucianodefranco
Forum Replies Created
-
Ok @benjamin4 , now it’s clear.
We thought that the first IP was already discarded by the reverse proxy option and therefore should not be added there … Maybe you could improve the description of the field ??
Yes, our example with that specific IP was just a test, we know that it will then be necessary to manually add the entire IP list of the CDN … But in the meantime we wanted to test the correct functioning with a single IP;)
Adding lists as a plugin feature seems like a great idea for the future to me!
Thanks again for the invaluable support!
Hi @benjaminpick , unfortunately something is wrong…
IP detected:
External Server IP: 15.188.79.253 (Paris, WebServer hosted in AWS EC2)
REMOTE_ADDR: 172.26.15.14 (reserved IP address)
HTTP_X_FORWARDED_FOR: 93.46.97.164 (Browser IP), 130.176.111.36 (US CloudFront)Here are the tested steps:
1. “The server is behind a reverse proxy” option disabled.
I read this:
(With Proxy: 93.46.97.164, 130.176.111.39 - Without Proxy: 172.26.26.89 - Client IP with current configuration: 172.26.26.89)2. “The server is behind a reverse proxy” option enabled.
I read this:
(With Proxy: 93.46.97.164, 130.176.111.19 - Without Proxy: 172.26.26.89 - Client IP with current configuration: 130.176.111.19)3. “The server is behind a reverse proxy” option enabled and and the input box “IPs of trusted proxies” set to “130.176.111.19” (IP CloudFront). I would expect to finally get “Client IP with current configuration: 93.46.97.164”, but I read this:
(With Proxy: 93.46.97.164, 130.176.111.19 - Without Proxy: 172.26.26.89 - Client IP with current configuration: 172.26.26.89)In short, by valuing the input field “IPs of trusted proxies” in any way, it is as if you disabled the “The server is behind a reverse proxy” option! How come this?
Ok, so I have to enter all the IPs present in https://ip-ranges.amazonaws.com/ip-ranges.json, separated by commas, in the “IPs of trusted proxies” input box of the plugin, correct?
To give an example, taking the first 5 IPs of the linked json file, I have to enter this in the “IPs of trusted proxies” field of the plugin:
3.5.140.0/22,13.34.37.64/27,35.180.0.0/16,43.224.79.174/31,52.93.153.170/32It’s correct?
In this way these IP ranges will be skipped and therefore the IP 93.46.97.164 will be assumed as the client. Quite right?
In the meantime, thanks for the quick reply..
I tried to add 130.176.90.85 to the reverse proxy whitelist, but nothing has changed. But I don’t quite understand where it says in the whitelist part that you have to put the IPv6 address as well… I added only “130.176.90.85” in the input box… can it be for this? Furthermore, the address 130.176.90.8 corresponds to the CloudFront CDN, so it does not remain constant, it is destined to change according to the connected user! Do you have any other suggestions for us?
Thanks in advance