1
fabou78
How is IP filtering/ban done in XOOPS protector?
  • 2019/9/26 15:59

  • fabou78

  • Friend of XOOPS

  • Posts: 43

  • Since: 2012/6/16


My provider have upgraded their platform and now we sit behind a load balancer or firewall. This has the consequences that the web server we are on will always the same IP address.

During testing I wanted to open access only to me and was forced to use XFF in .htaccess rather that the traditional require ip.

SetEnvIF X-Forwarded-For "1.1.1.1" AllowIP

<RequireAny>
    Require 
env AllowIP
</RequireAny>


Would the IP filtering mechanism in XOOPS based on XFF by any chances?

2
geekwright
Re: How is IP filtering/ban done in XOOPS protector?

The IP used by protector is resolved in \Xmf\IPAddress::fromRequest(). Unfortunately, it is not using X-Forwarded-For at the moment.

RFC 7239 looks promising, but XFF seems to still be the defacto standard. It should be supported here. I will add a ticket to add support for it, and it will be part of 2.5.11 - coming soon.

Edit: ticket is here: https://github.com/XOOPS/xmf/issues/64

3
fabou78
Re: How is IP filtering/ban done in XOOPS protector?
  • 2019/10/7 8:52

  • fabou78

  • Friend of XOOPS

  • Posts: 43

  • Since: 2012/6/16


Indeed RFC 7239 look goods. I though that XFF was a already a standard but as per RFC it is not.

Thanks for this,

Login

Who's Online

73 user(s) are online (39 user(s) are browsing Support Forums)


Members: 0


Guests: 73


more...

Donat-O-Meter

Stats
Goal: $100.00
Due Date: Jul 31
Gross Amount: $0.00
Net Balance: $0.00
Left to go: $100.00
Make donations with PayPal!

Latest GitHub Commits