Uploaded image for project: 'Blesta Core'
  1. Blesta Core
  2. CORE-2916

Allow proxy IP addresses to be set to allow the x-forwarded-for header from

        Details

        • Type: Improvement
        • Status: Open
        • Priority: Major
        • Resolution: Unresolved
        • Affects Version/s: 4.5.0-b1
        • Fix Version/s: Long Term
        • Component/s: None
        • Labels:
          None

          Description

          We added a setting, behind_proxy, in CORE-2349 that sets whether or not Blesta is behind a proxy/load balancer. In such cases, we cannot rely on php's _$SERVER['REMOTE_ADDR'] IP address because it is the IP address of the proxy, not the user. Instead, the proxy should be passing an x-forwarded-for header to identify the user's IP address.

          We could update the settings to allow a white-list of IP addresses to be set representing the proxy IP addresses that are trusted, and only interpret x-forwarded-for IPs from those IPs.

            Activity

              People

              • Assignee:
                Unassigned
                Reporter:
                tyson Tyson Phillips (Inactive)
              • Votes:
                0 Vote for this issue
                Watchers:
                1 Start watching this issue

                Dates

                • Created:
                  Updated: