Are you sure you have correctly done the edit to init.php and uploaded it ? - this is where those constants are defined.

i did edited that file but there was a typo :tired: now it works fine i tested it with a normal proxy and with an anonymous one (the hack doesn't detect this type of proxys) but that's normal nothing you or anybody else cando about it

rgds

So what if a regular user sends the X-Forwarded for header, specifying someone else's IP? Can the user avoid bans/etc?

that's impossible unless you "spoof" an ip adress which isn't so easy ...

Is there any way to ignore reserved private IP ranges? I have several users who show up has having 192.168.x.x or 10.0.x.x as their "real IP".

Great mod, btw.. :)

What exactly do you mean by "ignore them" ?

Show the "real IP" as the proxy IP.

Well I haven't tested it, but this should work ;

Find;
Add below it ;
Obviously this won't change any existing data.

Edit: Updated for full 172 range and 127 range as per posts below.

That seemed to do the trick. Thank you kindly.

Any chance you'll be adding that to your next release?

PS - the range is 172.16.0.0 through 172.31.255.255.. I'm a regex moron, how would I add that range?

preg_match("#^(10|172\.[16-31]|192\.168)\.#", $proxyip))

?