|
Joined: Jan 2004
Posts: 2,474 Likes: 3
Pooh-Bah
|
Pooh-Bah
Joined: Jan 2004
Posts: 2,474 Likes: 3 |
I'm experiencing some erratic behaviour with 'Who's Online'.
There are never more than 6 Anonymous guests and I haven't seen any spiders online since the upgrade to 7.6.0. (The spider list is in-tact.)
Is there perhaps a setting that I've missed?
(EDIT- the spider issue could just be that I haven't been checking until now.)
Last edited by driv; 03/02/2017 8:14 AM.
|
|
|
|
Joined: Jan 2004
Posts: 2,474 Likes: 3
Pooh-Bah
|
Pooh-Bah
Joined: Jan 2004
Posts: 2,474 Likes: 3 |
I use Sucuri's firewall. I previously posted that all my users appeared to be originating from the same IP. Gizmo suggested that I use this snippet in ubbthreads.php if(isset($_SERVER['HTTP_X_SUCURI_CLIENTIP']))
{
$_SERVER["REMOTE_ADDR"] = $_SERVER['HTTP_X_SUCURI_CLIENTIP'];
}
It worked. However, I've just realised that since the upgrade, my users are once again appearing to regsiter from the same IP The new snippet below is taken from ubbthreads.php } elseif(isset($_SERVER["HTTP_X_SUCURI_CLIENTIP"])) {
$user_ip = $_SERVER["HTTP_X_SUCURI_CLIENTIP"];
} Any suggestions?
|
|
|
|
Joined: Jun 2006
Posts: 16,301 Likes: 116
|
Joined: Jun 2006
Posts: 16,301 Likes: 116 |
One of the other ip variables is also set, load the phpinfo page in the dashboard and check which is set; till need to move your particular line up above the others (the downside to there being so many options). Just slapped this together, give it a run and see which shows correct IP's first: forwarded.php (Isaac found a larger list than mine) don't use this list (it was missing HTTP_X_SUCURI_CLIENTIP anyway), use the one one in my below post, this is left here for reference
<?php
if(isset($_SERVER["GD_PHP_HANDLER"])) {
echo("A ". $_SERVER["GD_PHP_HANDLER"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_AKAMAI_ORIGIN_HOP"])) {
echo("B ". $_SERVER["HTTP_AKAMAI_ORIGIN_HOP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_SUCURI_CLIENTIP"])) {
echo("C ". $_SERVER["HTTP_X_SUCURI_CLIENTIP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
echo("D ". $_SERVER["HTTP_CF_CONNECTING_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_CLIENT_IP"])) {
echo("E ". $_SERVER["HTTP_CLIENT_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_FASTLY_CLIENT_IP"])) {
echo("F ". $_SERVER["HTTP_FASTLY_CLIENT_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_FORWARDED"])) {
echo("G ". $_SERVER["HTTP_FORWARDED"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_FORWARDED_FOR"])) {
echo("H ". $_SERVER["HTTP_FORWARDED_FOR"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_INCAP_CLIENT_IP"])) {
echo("I ". $_SERVER["HTTP_INCAP_CLIENT_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_TRUE_CLIENT_IP"])) {
echo("J ". $_SERVER["HTTP_TRUE_CLIENT_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_CLIENTIP"])) {
echo("K ". $_SERVER["HTTP_X_CLIENTIP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_CLUSTER_CLIENT_IP"])) {
echo("L ". $_SERVER["HTTP_X_CLUSTER_CLIENT_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_FORWARDED"])) {
echo("M ". $_SERVER["HTTP_X_FORWARDED"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_IP_TRAIL"])) {
echo("N ". $_SERVER["HTTP_X_IP_TRAIL"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_REAL_IP"])) {
echo("O ". $_SERVER["HTTP_X_REAL_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_VARNISH"])) {
echo("P ". $_SERVER["HTTP_X_VARNISH"] ."<br>\n");
} else {
echo("Q ". $_SERVER["REMOTE_ADDR"] ."<br>\n");
}
?>
These are pretty standard, hence why they where first: HTTP_FORWARDED_FOR HTTP_X_FORWARDED_FOR I'd love to see your results from forwarded.php, are you on a CDN? I'm on CloudFlare, and theirs is second from last (because none of the others where set during testing).
|
|
|
|
Joined: Jan 2004
Posts: 2,474 Likes: 3
Pooh-Bah
|
Pooh-Bah
Joined: Jan 2004
Posts: 2,474 Likes: 3 |
Yep, just 6 anonymous online all day, even when the time frame is extended to 5 hours!
Existing anonymous users just get bumped when new ones come on.
|
|
|
|
Joined: Jan 2004
Posts: 2,474 Likes: 3
Pooh-Bah
|
Pooh-Bah
Joined: Jan 2004
Posts: 2,474 Likes: 3 |
Where should forwarded.php go?
I put it in the main forum directory and it output 'N' and 109.155.22.*** (my ip).
In php info the output was...
HTTP_X_REAL_IP 109.155.22.*** HTTP_X_SUCURI_CLIENTIP 109.155.22.***
I don't use a CDN.
Last edited by driv; 03/03/2017 1:59 PM. Reason: CDN
|
|
|
|
Joined: Jun 2006
Posts: 16,301 Likes: 116
|
Joined: Jun 2006
Posts: 16,301 Likes: 116 |
The list I gave you before was missing the "HTTP_X_SUCURI_CLIENTIP" line, use the below check instead, since it's what we actually use. Cloud Hosting, or a CDN, proxy, load balancer, or server firewall all change potential superglobals, something is being populated before the HTTP_X_SUCURI_CLIENTIP global that UBB.threads is looking for.
|
|
|
|
Joined: Jun 2006
Posts: 16,301 Likes: 116
|
Joined: Jun 2006
Posts: 16,301 Likes: 116 |
We currently check for (in order): $_SERVER["HTTP_FORWARDED_FOR"] $_SERVER["HTTP_X_FORWARDED_FOR"] $_SERVER["HTTP_X_CLUSTER_CLIENT_IP"] $_SERVER["HTTP_X_SUCURI_CLIENTIP"] $_SERVER["HTTP_CF_CONNECTING_IP"] $_SERVER["REMOTE_ADDR"]; Your ($_SERVER["HTTP_X_SUCURI_CLIENTIP"]) and CF are at the bottom and should only be selected when one of the "forwarded for" lines isn't used, try JUST this bit: <?php
if(isset($_SERVER["HTTP_FORWARDED_FOR"])) {
echo("AA: ". $_SERVER["HTTP_FORWARDED_FOR"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
echo("AB: ". $_SERVER["HTTP_X_FORWARDED_FOR"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_CLUSTER_CLIENT_IP"])) {
echo("AC: ". $_SERVER["HTTP_X_CLUSTER_CLIENT_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_SUCURI_CLIENTIP"])) {
echo("AD: ". $_SERVER["HTTP_X_SUCURI_CLIENTIP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
echo("AE: ". $_SERVER["HTTP_CF_CONNECTING_IP"] ."<br>\n");
} else {
echo("AF: ". $_SERVER["REMOTE_ADDR"] ."<br>\n");
}
?> I need the EXACT output from the server, feel free to blank out your IP, but I need to read any returned input, ESPECIALLY if it is NOT your IP address.
|
|
|
|
Joined: Jan 2004
Posts: 2,474 Likes: 3
Pooh-Bah
|
Pooh-Bah
Joined: Jan 2004
Posts: 2,474 Likes: 3 |
Of course. This is the EXACT ouput...
|
|
|
|
Joined: Jun 2006
Posts: 16,301 Likes: 116
|
Joined: Jun 2006
Posts: 16,301 Likes: 116 |
Yeah, I thought that was the problem; use: // What is the users IP address? Are they behind a Firewall, Proxy, or are they using a CDN?
if(isset($_SERVER["HTTP_X_SUCURI_CLIENTIP"])) {
$user_ip = $_SERVER["HTTP_X_SUCURI_CLIENTIP"];
} elseif(isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
$user_ip = $_SERVER["HTTP_CF_CONNECTING_IP"];
} elseif(isset($_SERVER["HTTP_FORWARDED_FOR"])) {
$user_ip = $_SERVER["HTTP_FORWARDED_FOR"];
} elseif(isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
$user_ip = $_SERVER["HTTP_X_FORWARDED_FOR"];
} elseif(isset($_SERVER["HTTP_X_CLUSTER_CLIENT_IP"])) {
$user_ip = $_SERVER["HTTP_X_CLUSTER_CLIENT_IP"];
} else {
$user_ip = $_SERVER["REMOTE_ADDR"];
} In your /ubbthreads.php file.
|
|
|
|
Joined: Jun 2006
Posts: 16,301 Likes: 116
|
Joined: Jun 2006
Posts: 16,301 Likes: 116 |
I'd like to state for the record that your firewall on your server sucks, HTTP_X_FORWARDED_FOR should always translate to the real user IP address, lol. The X-Forwarded-For (XFF) HTTP header field was a common method for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer. The XFF HTTP request header was introduced by the Squid caching proxy server's developers. An RFC was proposed at the Internet Engineering Task Force (IETF).
|
|
|
|
Joined: Jan 2004
Posts: 2,474 Likes: 3
Pooh-Bah
|
Pooh-Bah
Joined: Jan 2004
Posts: 2,474 Likes: 3 |
I'd like to state for the record that your firewall on your server sucks, HTTP_X_FORWARDED_FOR should always translate to the real user IP address, lol. Of course, I'll be happy to mention that to Sucuri. Especially as they are supposed to be professionals in their field. Thank you Gizmo, I'll try this and get back to you.
|
|
|
|
Joined: Jan 2004
Posts: 2,474 Likes: 3
Pooh-Bah
|
Pooh-Bah
Joined: Jan 2004
Posts: 2,474 Likes: 3 |
Yep that's it. Several spiders and loads of anon users.
Give that man a payrise!
|
|
|
|
Joined: Jun 2006
Posts: 16,301 Likes: 116
|
Joined: Jun 2006
Posts: 16,301 Likes: 116 |
I have the change in a proposed fix for v7.6.1; I'm looking at additional information to add as well, if you wouldn't mind testing a code snippit for me later since you're a good test case using that firewall (versus my only being able to test behind a cdn).
|
|
|
|
Joined: Jan 2004
Posts: 2,474 Likes: 3
Pooh-Bah
|
Pooh-Bah
Joined: Jan 2004
Posts: 2,474 Likes: 3 |
No worries mate - happy to help.
|
|
|
|
Joined: Jun 2006
Posts: 16,301 Likes: 116
|
Joined: Jun 2006
Posts: 16,301 Likes: 116 |
Awesome, could you (or anyone really that has a site behind a firewall, CDN, or are using a proxy to connect) run the below kludge and copy me the output; it'll grab all the information that I think we will need to go forward. ipheaders.php
<?php
if(isset($_SERVER["GD_PHP_HANDLER"])) {
echo("A ". $_SERVER["GD_PHP_HANDLER"] ."<br>\n");
}
if(isset($_SERVER["HTTP_AKAMAI_ORIGIN_HOP"])) {
echo("B ". $_SERVER["HTTP_AKAMAI_ORIGIN_HOP"] ."<br>\n");
}
if(isset($_SERVER["HTTP_X_SUCURI_CLIENTIP"])) {
echo("C ". $_SERVER["HTTP_X_SUCURI_CLIENTIP"] ."<br>\n");
}
if(isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
echo("D ". $_SERVER["HTTP_CF_CONNECTING_IP"] ."<br>\n");
}
if(isset($_SERVER["HTTP_CLIENT_IP"])) {
echo("E ". $_SERVER["HTTP_CLIENT_IP"] ."<br>\n");
}
if(isset($_SERVER["HTTP_FASTLY_CLIENT_IP"])) {
echo("F ". $_SERVER["HTTP_FASTLY_CLIENT_IP"] ."<br>\n");
}
if(isset($_SERVER["HTTP_FORWARDED"])) {
echo("G ". $_SERVER["HTTP_FORWARDED"] ."<br>\n");
}
if(isset($_SERVER["HTTP_FORWARDED_FOR"])) {
echo("H ". $_SERVER["HTTP_FORWARDED_FOR"] ."<br>\n");
}
if(isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
echo("I ". $_SERVER["HTTP_X_FORWARDED_FOR"] ."<br>\n");
}
if(isset($_SERVER["HTTP_INCAP_CLIENT_IP"])) {
echo("J ". $_SERVER["HTTP_INCAP_CLIENT_IP"] ."<br>\n");
}
if(isset($_SERVER["HTTP_TRUE_CLIENT_IP"])) {
echo("K ". $_SERVER["HTTP_TRUE_CLIENT_IP"] ."<br>\n");
}
if(isset($_SERVER["HTTP_X_CLIENTIP"])) {
echo("L ". $_SERVER["HTTP_X_CLIENTIP"] ."<br>\n");
}
if(isset($_SERVER["HTTP_X_CLUSTER_CLIENT_IP"])) {
echo("M ". $_SERVER["HTTP_X_CLUSTER_CLIENT_IP"] ."<br>\n");
}
if(isset($_SERVER["HTTP_X_FORWARDED"])) {
echo("N ". $_SERVER["HTTP_X_FORWARDED"] ."<br>\n");
}
if(isset($_SERVER["HTTP_X_IP_TRAIL"])) {
echo("O ". $_SERVER["HTTP_X_IP_TRAIL"] ."<br>\n");
}
if(isset($_SERVER["HTTP_X_REAL_IP"])) {
echo("P ". $_SERVER["HTTP_X_REAL_IP"] ."<br>\n");
}
if(isset($_SERVER["HTTP_X_VARNISH"])) {
echo("Q ". $_SERVER["HTTP_X_VARNISH"] ."<br>\n");
}
echo("R ". $_SERVER["REMOTE_ADDR"] ."<br>\n");
echo("----------<br>\n\n");
if(isset($_SERVER["GD_PHP_HANDLER"])) {
echo("A ". $_SERVER["GD_PHP_HANDLER"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_AKAMAI_ORIGIN_HOP"])) {
echo("B ". $_SERVER["HTTP_AKAMAI_ORIGIN_HOP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_SUCURI_CLIENTIP"])) {
echo("C ". $_SERVER["HTTP_X_SUCURI_CLIENTIP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
echo("D ". $_SERVER["HTTP_CF_CONNECTING_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_CLIENT_IP"])) {
echo("E ". $_SERVER["HTTP_CLIENT_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_FASTLY_CLIENT_IP"])) {
echo("F ". $_SERVER["HTTP_FASTLY_CLIENT_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_FORWARDED"])) {
echo("G ". $_SERVER["HTTP_FORWARDED"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_FORWARDED_FOR"])) {
echo("H ". $_SERVER["HTTP_FORWARDED_FOR"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
echo("I ". $_SERVER["HTTP_X_FORWARDED_FOR"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_INCAP_CLIENT_IP"])) {
echo("J ". $_SERVER["HTTP_INCAP_CLIENT_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_TRUE_CLIENT_IP"])) {
echo("K ". $_SERVER["HTTP_TRUE_CLIENT_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_CLIENTIP"])) {
echo("L ". $_SERVER["HTTP_X_CLIENTIP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_CLUSTER_CLIENT_IP"])) {
echo("M ". $_SERVER["HTTP_X_CLUSTER_CLIENT_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_FORWARDED"])) {
echo("N ". $_SERVER["HTTP_X_FORWARDED"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_IP_TRAIL"])) {
echo("O ". $_SERVER["HTTP_X_IP_TRAIL"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_REAL_IP"])) {
echo("P ". $_SERVER["HTTP_X_REAL_IP"] ."<br>\n");
} elseif(isset($_SERVER["HTTP_X_VARNISH"])) {
echo("Q ". $_SERVER["HTTP_X_VARNISH"] ."<br>\n");
} else {
echo("R ". $_SERVER["REMOTE_ADDR"] ."<br>\n");
}
echo("----------<br>\n\n");
function fetch_ip() {
if(isset($_SERVER["GD_PHP_HANDLER"])) {
return($_SERVER["GD_PHP_HANDLER"]);
} elseif(isset($_SERVER["HTTP_AKAMAI_ORIGIN_HOP"])) {
return($_SERVER["HTTP_AKAMAI_ORIGIN_HOP"]);
} elseif(isset($_SERVER["HTTP_X_SUCURI_CLIENTIP"])) {
return($_SERVER["HTTP_X_SUCURI_CLIENTIP"]);
} elseif(isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
return($_SERVER["HTTP_CF_CONNECTING_IP"]);
} elseif(isset($_SERVER["HTTP_CLIENT_IP"])) {
return($_SERVER["HTTP_CLIENT_IP"]);
} elseif(isset($_SERVER["HTTP_FASTLY_CLIENT_IP"])) {
return($_SERVER["HTTP_FASTLY_CLIENT_IP"]);
} elseif(isset($_SERVER["HTTP_FORWARDED"])) {
return($_SERVER["HTTP_FORWARDED"]);
} elseif(isset($_SERVER["HTTP_FORWARDED_FOR"])) {
return($_SERVER["HTTP_FORWARDED_FOR"]);
} elseif(isset($_SERVER["HTTP_X_FORWARDED_FOR"])) {
return($_SERVER["HTTP_X_FORWARDED_FOR"]);
} elseif(isset($_SERVER["HTTP_INCAP_CLIENT_IP"])) {
return($_SERVER["HTTP_INCAP_CLIENT_IP"]);
} elseif(isset($_SERVER["HTTP_TRUE_CLIENT_IP"])) {
return($_SERVER["HTTP_TRUE_CLIENT_IP"]);
} elseif(isset($_SERVER["HTTP_X_CLIENTIP"])) {
return($_SERVER["HTTP_X_CLIENTIP"]);
} elseif(isset($_SERVER["HTTP_X_CLUSTER_CLIENT_IP"])) {
return($_SERVER["HTTP_X_CLUSTER_CLIENT_IP"]);
} elseif(isset($_SERVER["HTTP_X_FORWARDED"])) {
return($_SERVER["HTTP_X_FORWARDED"]);
} elseif(isset($_SERVER["HTTP_X_IP_TRAIL"])) {
return($_SERVER["HTTP_X_IP_TRAIL"]);
} elseif(isset($_SERVER["HTTP_X_REAL_IP"])) {
return($_SERVER["HTTP_X_REAL_IP"]);
} elseif(isset($_SERVER["HTTP_X_VARNISH"])) {
return($_SERVER["HTTP_X_VARNISH"]);
} else {
return($_SERVER["REMOTE_ADDR"]);
}
}
echo(fetch_ip());
?>
First section will populate any matches of a super global, second section will show you what UBB.threads will see, the third is a resulting function. Output should be similar to: D 67.170.150.xxx
I 67.170.150.xxx,67.170.150.xxx
R 108.162.245.xxx
----------
D 67.170.150.xxx
----------
67.170.150.xxx
|
|
|
|
Joined: Jan 2004
Posts: 2,474 Likes: 3
Pooh-Bah
|
Pooh-Bah
Joined: Jan 2004
Posts: 2,474 Likes: 3 |
C 109.155.22.*** H 185.93.228.10 O 109.155.22.*** Q 185.93.228.10 ---------- C 109.155.22.*** ---------- 109.155.22.***
|
|
|
|
Joined: Feb 2007
Posts: 1,294 Likes: 2
Veteran
|
Veteran
Joined: Feb 2007
Posts: 1,294 Likes: 2 |
Gizmo, I'm running behind the same firewall my server is running behind. I loop out to my IP Gateway and right back in to the server. The IP Gateway is 11 IP addresses above the IP address the server is sitting under. Here are my results: R 192.168.3.1 ---------- R 192.168.3.1 ---------- 192.168.3.1 The IP address in this test is the LAN IP address for the firewall. The test PHP file is located at http://www.jaisp.com/ipheaders.php and this is what I typed in my web browser. My Internal IP address is 192.168.3.15 My Server Internal IP address is 192.168.3.100
|
|
|
1 members (Ruben),
1,277
guests, and
207
robots. |
Key:
Admin,
Global Mod,
Mod
|
|
|
|