Support

Admin Tools

#38756 Get real IP behind reverse proxy

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
4.2.9
PHP version
7.4
Admin Tools version
7.3.1

Latest post by nicholas on Monday, 20 March 2023 01:46 CDT

Sunday, 19 March 2023 04:42 CDT

freebandtech

I've configured the Nginx reverse proxy to send X-Forwarded-For headers to the Apache backend where Joomla is running.

In previous versions of the WAF there was an option to enable IP Workarounds in order t obtain the real client IP, which in the newest 7.3.1 version isn't present (or at least I cannot find it).

Source: https://www.akeeba.com/documentation/atwp/waf-configure.html

 

Thanks in advance!

EDIT

 

How can i reliably test the solution proposed here:

https://www.akeeba.com/support/admin-tools/38612-enable-ip-workarounds-missing.html

The access logs generated by Apache still show the the reverse proxy IP, which is to be expected.

Edited by freebandtech on 2023-03-19 04:51 CDT

Monday, 20 March 2023 01:46 CDT

nicholas

As you read in the other ticket, this is now a feature in Joomla 4 (and 3.10) itself.

In fact, Joomla uses (with our permission) the same code we were using in previous versions of Admin Tools to determine the visitor's IP address. The “Behind Load Balancer” option in Joomla is identical to the “Enable IP Workarounds” option in previous versions of Admin Tools — it calls the same method to set a flag in the Ip class, telling it to use the HTTP headers to determine the visitor's address. That's why we removed this feature from Admin Tools: it's no longer needed since our code is now part of Joomla itself.

Edit your site's Global Configuration, Server tab, set Behind Load Balancer to Yes. Then, click on Save & Close.

How can i reliably test the solution proposed here:

https://www.akeeba.com/support/admin-tools/38612-enable-ip-workarounds-missing.html

Go to Components, Admin Tools for Joomla, Web Application Firewall, Site IP Disallow List, and click on the New button in the toolbar. At the top of the page, right below the toolbar, there's a message like this:

Your current IP as seen by your web server

192.168.42.42

This tells you what is the IP address Joomla reports. 

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!