Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

add support for X-Forwarded-For header to log correct client IP when behind a proxy #998

Open
rlljorge opened this issue Oct 4, 2024 Discussed in #994 · 0 comments
Open

add support for X-Forwarded-For header to log correct client IP when behind a proxy #998

rlljorge opened this issue Oct 4, 2024 Discussed in #994 · 0 comments

Comments

@rlljorge
Copy link

rlljorge commented Oct 4, 2024

Discussed in #994

Originally posted by rlljorge September 28, 2024
Hello,

I’m using the self-service-password tool behind a proxy, and I noticed that the audit logs are showing the proxy’s IP address instead of the client’s real IP. Many applications support reading the X-Forwarded-For header in such scenarios to correctly log the client’s original IP.

Would it be possible to add native support for this feature?

For example, in the configuration file (config.inc.php), a new option could be added to enable this functionality, something like:

$use_forwarded_for = true;

And the system could then check if the X-Forwarded-For header exists and use that for logging the client’s IP.

if (!empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
} else {
    $ip = $_SERVER['REMOTE_ADDR'];
}

Best Regards,

Rodrigo
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@rlljorge