[uwcfx]

Quote:

Originally Posted by nhawk

vB uses these server variables to establish which IP is used for a member...

This is used first...

Code:

$_SERVER['REMOTE_ADDR']

If any of these are set, then the IP used is changed to the set value...

Code:

$_SERVER['HTTP_X_FORWARDED_FOR']

$_SERVER['HTTP_CLIENT_IP']

$_SERVER['HTTP_FROM']

Then if a proxy list is defined in config.php, the IP can be changed again to the proxy IP.

Hi, here's what I have set up as test now.

Code:

<?php
var_dump($_SERVER['REMOTE_ADDR']);
var_dump($_SERVER['HTTP_X_FORWARDED_FOR']);
var_dump($_SERVER['HTTP_CLIENT_IP']);
var_dump($_SERVER['HTTP_FROM']);
?>

And here's the output.

Code:

string(13) "1.2.3.4" string(13) "1.2.3.4" NULL NULL

Where 1.2.3.4 is my actual home routers address which I've confirmed multiple times.

Here's the relevant part in config.php, all commented out which I presume is default.

Code:

/* Enter your known [trusted] proxy servers here. You can list multiple trusted IPs separated by a comma.*/
//$config['Misc']['proxyiplist'] = '127.0.0.1, 192.168.1.6';

/* If the real IP is passed in a http header variable other than HTTP_X_FORWARDED_FOR, then you can set the name here; */
//$config['Misc']['proxyipheader'] = 'HTTP_X_FORWARDED_FOR';

... yet still if someone manage to block their account, all accounts gets blocked and the Server1 gets listed in the automated e-mail to our forumadministrator e-mail address, for example:

Code:

Dear USER,

Someone has tried to log into your account on Mayzus Forum with an incorrect password at least 5 times. This person has been prevented from attempting to login to your account for the next 15 minutes.

The person trying to log into your account had the following IP address: 4.3.2.1 (Server1)

All the best

Thank you.