Edventures in Normalcy

FusionReactor and Forwarded Headers

Posted by Rose Bush on November 6th, 2015

In some cases, FusionReactor may be behind a load balancer or CDN, or any other type of proxy that updates the source IP as seen by the server. It helps to see where the requests are actually originating from. For that, FusionReactor has an option for this:
http://www.fusion-reactor.com/support/kb/frs-351/

See the Requests>Settings>Proxy, which lets you tell FR that you need it to use some alternative header for the “real” ip address..

You will see that in the “proxy header” field there is a drop-down, but it doesn’t show your specific header, rather a couple of the most common alternatives. Just paste the name of your header into that field and save the configuration changes.

Once you have saved this change, you should be able to check the Requests>History page to confirm that you now see the real IP’s showing up.

Filed under: Code or Hosting | Comment (0)

Testing http header IP forwarding

Posted by Rose Bush on May 5th, 2015

I need to determine what the application sees versus what is being sent, these scripts helped me see the discrepancy and validate the change once resolved:

<?php

header('Expires: 0'); // Proxies.
header('Cache-Control: no-store, no-cache, must-revalidate'); // HTTP 1.1.
header('Cache-Control: post-check=0, pre-check=0', FALSE);
header('Pragma: no-cache'); // HTTP 1.0.

$client  = @$_SERVER['HTTP_CLIENT_IP'];
$forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];
$remote  = $_SERVER['REMOTE_ADDR'];

print ('This page was generated ' . date(DATE_RFC2822) . '.');
print ("<br /><br /><br />Client IP address reported by the REMOTE_ADDR variable is $remote");
print ("<br /><br />Client IP address reported by the HTTP_X_FORWARDED_FOR variable is $forward");
print ("<br /><br />Client IP address reported by the HTTP_CLIENT_IP variable is $client");

if(filter_var($client, FILTER_VALIDATE_IP))
{
    $ip = $client;
}
elseif(filter_var($forward, FILTER_VALIDATE_IP))
{
    $ip = $forward;
}
else
{
    $ip = $remote;
}

print ("<br /><br /><br />Client IP address determined to be $ip");
print ('<br /><br /><form method="POST"> <input type="submit" name="b1" value="Force Reload." /></form>');

?>

<?php

header('Expires: 0'); // Proxies.

header('Cache-Control: no-store, no-cache, must-revalidate'); // HTTP 1.1.

header('Cache-Control: post-check=0, pre-check=0', FALSE);

header('Pragma: no-cache'); // HTTP 1.0.

$client = @$_SERVER['HTTP_CLIENT_IP'];

$forward = @$_SERVER['HTTP_X_FORWARDED_FOR'];

$remote = $_SERVER['REMOTE_ADDR'];

print ('This page was generated ' . date(DATE_RFC2822) . '.');

print ("<br /><br /><br />Client IP address reported by the REMOTE_ADDR variable is $remote");

print ("<br /><br />Client IP address reported by the HTTP_X_FORWARDED_FOR variable is $forward");

print ("<br /><br />Client IP address reported by the HTTP_CLIENT_IP variable is $client");

if(filter_var($client, FILTER_VALIDATE_IP))

{

$ip = $client;

}

elseif(filter_var($forward, FILTER_VALIDATE_IP))

{

$ip = $forward;

}

else

{

$ip = $remote;

}

print ("<br /><br /><br />Client IP address determined to be $ip");

print ('<br /><br /><form method="POST"> <input type="submit" name="b1" value="Force Reload." /></form>');

The above does allow you to force a post, as the original case was behind a caching server.

Filed under: Code or Hosting | Comment (0)

Edventures in Normalcy

FusionReactor and Forwarded Headers

Testing http header IP forwarding

Search:

Archives