Support

Admin Tools

#17283 WAF exceptions problems with Cloudflare

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Friday, 30 August 2013 10:42 CDT

cpaschen
Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? No (none specific to this)
Have I searched the tickets before posting? Yes
Have I read the documentation before posting (which pages?)? None that were specific to this that I could fine
Joomla! version: 2.5.14
PHP version: 5.3.27
MySQL version: 5.1.68
Host: SiteGround
Admin Tools version: 2.5.6

Description of my issue:

I've got a site running on SiteGround with CloudFlare and we're having problems in that when an IP has an exception it is logging the IP address of the CloudFlare servers not the user's IP address.

I've worked with SiteGround and they have installed the appropriate apache mods but Admin tools is still showing the CF server IPs.

I've read your comments about this here:
https://www.akeebabackup.com/support/admin-tools/14550-cache-a-login-htaccess-issue.html#p84672

And we've followed the tips there AND have done everything that CF has suggested, but still no change.

Daniel at SiteGround suggested that it would be resolved if Admin tools could be configured to check the X-Forwarded-For HTTP header. However, I am not sure about any problems with that. (He said that he would discuss the issue with you directly ).

It appears that there isn't presently a way to completely disable CloudFlare from the admin-side of Joomla, and I know that's true of at least a couple other CDNs that I've used.

Any ideas about how to get this working (short of hacking the code) would be appreciated.

tampe125
Akeeba Staff
Hello Chris,

I've assigned this ticket to Nicholas.
At the moment he is out of office, so he will be able to answer you on Wednesday.

Davide Tampellini

Developer and Support Staff

🇮🇹Italian: native 🇬🇧English: good • 🕐 My time zone is Europe / Rome (UTC +1)
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

nicholas
Akeeba Staff
Manager
As long as the remote proxy server / CSN sends the user's IP in the X-Forwarded-For HTTP header Admin Tools will honour that and report the real user's IP address. This was fixed many moths ago. You can see the code in administrator/components/com_admintools/helpers/ip.php, lines 57:61:

			// Do we have an x-forwarded-for HTTP header (e.g. NginX)?
			if (array_key_exists('HTTP_X_FORWARDED_FOR', $_SERVER))
			{
				return $_SERVER['HTTP_X_FORWARDED_FOR'];
			}


This is the first thing we try when trying to return the user's IP address. We then proceed to replace the $_SERVER['REMOTE_ADDR'] with the value we detected. Therefore, as long as the HTTP header X-Forwarded-For is set, we will always end up using this value.

If you are also using SiteGround's SuperCache please ask their support to make sure that the X-Forwarded-For header is not overwritten by their cache, which I suspect is the case on your site.

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!