How to get real visitor IP address in vBulletin when using CloudFlare or Sucuri

glennrocksvb started a blog post How to get real visitor IP address in vBulletin when using CloudFlare or Sucuri
06-13-2017, 05:57 PM
How to get real visitor IP address in vBulletin when using CloudFlare or Sucuri

Cloudflare and Sucuri act as a reverse proxy for sites using their service, which means that all of the visitor IPs will show as theirs. So if you are on the Who's Online page, you will see CloudFlare/Sucuri IP addresses instead of the actual visitor IPs. If you got spammers on your site, you wouldn't be able to ban their IP addresses, otherwise, you would ban the CloudFlare/Sucuri IPs.

To resolve this, vBulletin 4.2+ and 5.1.9+ have a Reverse Proxy IP feature that can be easily configured in config.php file.

Using an FTP client (e.g. FileZilla) or cPanel File Manager, navigate to the config.php file and edit it. For vB5, the file is located at <forum root directory>/core/includes/config.php. For vB4, it is located at <forum root directory>/includes/config.php.

Scroll down to the Reverse Proxy IP section. Below is a snippet of this section:

PHP Code:

/* #### Reverse Proxy IP #### If your use a system where the main IP address passed to vBulletin is the address of a proxy server and the actual 'real' ip address is passed in another http header then you enter the details here */ /* Enter your known proxy servers here. You can list multiple trusted IPs separated by a comma. You can also use the * wildcard (at the end of a definition only) or use the keyword 'all' to represent any ip address.*/ //$config['Misc']['proxyiplist'] = '127.0.0.1, 192.168.*, all'; /* If the real IP is passed in a http header variable other than HTTP_X_FORWARDED_FOR, then you can set the name here; */ //$config['Misc']['proxyipheader'] = 'HTTP_X_FORWARDED_FOR';

As you can see, the settings are commented out (has // in front). This means that those settings are ignored. To enable them, you have to remove the // and then change the values accordingly.

For vB5, you can use the keyword 'all' in the 'proxyiplist' setting and you don't have to enumerate all the CloudFlare/Sucuri IP addresses. You can also use IP ranges. But I prefer using the 'all' keyword so I don't have to maintain the IP list which can get updated. This is what I did here on this site.

For vB4, I believe you have to specify the list of all CloudFlare/Sucuri IP addresses. No IP ranges or 'all' keyword.

Link to the CloudFlare IP addresses:

IP Ranges

https://www.cloudflare.com/ips/

This page is intended to be the definitive source of Cloudflare’s current IP ranges.

Link to the Sucuri IP addresses (scroll down to vBulletin 4.2+)

Page not found | Sucuri Docs

https://kb.sucuri.net/firewall/Troubleshooting/same-user-ip

For rhe 'proxyipheader' settings, you can keep the default proxyipheader value 'HTTP_X_FORWARDED_FOR' for CloudFlare. If that doesn't work, then use 'CF-Connecting-IP'.
For Sucuri, use 'HTTP_X_SUCURI_CLIENTIP'.

To summarize:

CloudFlare (vB5): (this is what I used on this site)

PHP Code:

$config['Misc']['proxyiplist'] = 'all'; // or use the IP addresses in https://www.cloudflare.com/ips/ $config['Misc']['proxyipheader'] = 'HTTP_X_FORWARDED_FOR'; // or use 'CF-Connecting-IP'

CloudFlare (vB4):

PHP Code:

$config['Misc']['proxyiplist'] = '<use the CloudFlare IP addresses>'; // IP addresses in https://www.cloudflare.com/ips/ $config['Misc']['proxyipheader'] = 'HTTP_X_FORWARDED_FOR'; // or use 'CF-Connecting-IP'

Sucuri (vB5):

PHP Code:

$config['Misc']['proxyiplist'] = 'all'; // or use the IP addresses in https://kb.sucuri.net/firewall/Troubleshooting/same-user-ip (scroll down to vBulletin 4.2+) $config['Misc']['proxyipheader'] = 'HTTP_X_SUCURI_CLIENTIP';

Sucuri (vB4):

PHP Code:

$config['Misc']['proxyiplist'] = '<use the Sucuri IP addresses>'; // IP addresses in https://kb.sucuri.net/firewall/Troubleshooting/same-user-ip (scroll down to vBulletin 4.2+) $config['Misc']['proxyipheader'] = 'HTTP_X_SUCURI_CLIENTIP';

Last edited by glennrocksvb; 06-13-2017, 10:14 PM.
Tags: None

Top

Translate

Bottom

Likes 3
6 - 10

10 comments
- #6
  
  dhemo commented
  
  06-11-2018, 02:44 AM
  
  Editing a comment
  
  It was very useful thanks for sharing
  درمان هموروئید
  
  Top
  
  Translate
  
  Bottom
- #7
  
  carl4466 commented
  
  06-20-2018, 07:40 AM
  
  Editing a comment
  
  Thanksss!!!!!
  
  Top
  
  Translate
  
  Bottom
- #8
  
  CorinthiansESC commented
  
  08-22-2018, 11:47 PM
  
  Editing a comment
  
  Thanks for sharing this.
  
  Was looking for a solution
  
  Top
  
  Translate
  
  Bottom
  
  Likes 1
- #9
  
  Kathie Marmolejos commented
  
  10-17-2018, 05:54 AM
  
  Editing a comment
  
  It is interesting to read your blog post and I am going to share it with my friends.
  
  Last edited by glennrocksvb; 10-17-2018, 12:08 PM. Reason: Removed spam link
  
  Top
  
  Translate
  
  Bottom
- #10
  
  Forumboy commented
  
  06-12-2019, 11:10 PM
  
  Editing a comment
  
  Nice work, Thank you
  
  Top
  
  Translate
  
  Bottom
Previous template Next

You must be logged in to post a comment.

Reply to Hi, I'm starting over

in Introductions

by glennrocksvb

Welcome to vBMods.rocks MikeSD! Thanks for a nice intro.

Hope you'll find some useful stuff here....

Today, 12:23 PM
Get Affordable and Fast VPS for vBulletin
Hi, I'm starting over

in Introductions

by MikeSD

My web host went out of business after nearly 20 years. I had to do backups of all my Forums to a new site. That's when I started having problems....

04-15-2024, 03:57 AM
Reply to error in Google indexing missing field ‘name’ (in ‘author’)

in vBulletin Issues & Questions

by glennrocksvb

Glad to help! ...

Today, 12:21 PM

Announcement

How to get real visitor IP address in vBulletin when using CloudFlare or Sucuri

How to get real visitor IP address in vBulletin when using CloudFlare or Sucuri

Users Viewing This Page

Latest Posts