Support

Admin Tools

#13382 IP Addresses Behind Load Balancer

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by on Sunday, 30 September 2012 18:00 CDT

Saturday, 25 August 2012 03:23 CDT

user66653
Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? Yes
Have I searched the tickets before posting? Yes
Have I read the documentation before posting (which pages?)? Yes
Joomla! version: 2.5.4
PHP version: 5.5.3
MySQL version: 5.5.20
Host: dreamtimeline.com
Admin Tools version: (unknown)

Description of my issue:

I am hosting using Amazon EC2, and it is behind a load balancer. I dare not do IP whitelisting because I think it is taking the IP address of the load balancer rather than the client - as per this login email below.

Is the Admin Tools able to look at the other HTTP headers to get Client IP address?

=====


Hello,

We would like to notify you that user dtladmin has just logged in to the administrator back-end area of your site, Dream Timeline, using IP address 10.201.219.126, coming from (unknown country), (unknown country). The browser used identifies itself as 'Mozilla/5.0 (Windows NT 6.1; WOW64; rv:14.0) Gecko/20100101 Firefox/14.0.1'.

If this is expected you need to do nothing about it. If you suspect a hacking attempt, please log in to your site's back-end immediately and activate Admin Tools' Emergency Off-Line mode at once.

Best regards,
The Dream Timeline team

Saturday, 25 August 2012 03:30 CDT

nicholas
That's correct, you'd see the IP of the load balancer. Now, I have a question to ask. Do you have multiple Joomla! installations behind the load balancer sharing the same database? Or have you set up the load balancer to "remember" the node it sent you to when you accessed the back-end of the site? I am trying to figure out if you end up talking to the same Joomla! instance once you log in or not.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Friday, 31 August 2012 07:56 CDT

user66653
Currently there is only a single node behind the load balancer, yet the idea is that we will be able to spin up multiple (EC2) servers with the same code base pointing to the same Amazon RDS database.

It is set up to be sticky for sessions, so in theory someone connecting will still talk via the same Joomla Instance.

Thanks.

Friday, 31 August 2012 15:54 CDT

nicholas
OK, thank you for the reply. The same database part is critical for the correct operation of Admin Tools. Now, regarding the IP which is displayed. It was a missing feature in Admin Tools. You can download the latest dev release from here: https://www.akeebabackup.com/download/developer-releases/admin-tools-professional.html Please install it on top of your existing installation. This version respects the IP forwarding HTTP headers set by load balancers and opaque reverse proxies. It will be released as a stable version once I get back from my vacation.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Sunday, 30 September 2012 18:00 CDT

System Task
system
This ticket has been automatically closed. All tickets which have been inactive for a long time are automatically closed. If you believe that this ticket was closed in error, please contact us.

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!