matthieu.yiptong.ca » http http://matthieu.yiptong.ca Matthieu/ergosteur's new blog Fri, 10 Sep 2010 14:46:35 +0000 en hourly 1 http://wordpress.org/?v=3.0.1 Fixing WordPress comment IP detection http://matthieu.yiptong.ca/2009/07/06/fixing-wordpress-comment-ip-detection/ http://matthieu.yiptong.ca/2009/07/06/fixing-wordpress-comment-ip-detection/#comments Mon, 06 Jul 2009 23:06:16 +0000 Matthieu http://matthieu.yiptong.ca/?p=7 I currently have WordPress running in an OpenVZ container behind a lighttpd reverse proxy. Because of this, the source IP for all comments was being detected as 172.16.32.201 (my lighttpd proxy). The solution was found on the WordPress support forum.

All I needed to do was add

if(isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
        $list = explode(',',$_SERVER['HTTP_X_FORWARDED_FOR']);
        $_SERVER['REMOTE_ADDR'] = $list[0];
  }

to wp-config.php. This bit checks if HTTP_X_FORWARDED_FOR is set in the HTTP request, and if so, uses it for the REMOTE_ADDR.

Update:

I found a better way to do this, assuming that the backend server is running apache2. Just install mod_rpaf. On Debian:

apt-get install libapache2-mod-rpaf

Then edit /etc/apache2/mods-enabled/rpaf.conf and set your proxy IP. This also allows apache’s access.log to show the real client IP.

One minor bug (not sure if it’s because of this code or lighttpd or my network setup) is that all the proxied IPs are prefixed with ::ffff:. In any case it’s just a minor annoyance.

]]> http://matthieu.yiptong.ca/2009/07/06/fixing-wordpress-comment-ip-detection/feed/ 2