{"id":194,"date":"2010-11-14T15:25:08","date_gmt":"2010-11-14T20:25:08","guid":{"rendered":"http:\/\/www.compdigitec.com\/labs\/?p=194"},"modified":"2010-11-14T15:25:08","modified_gmt":"2010-11-14T20:25:08","slug":"correcting-ip-address-of-php-behind-reverse-proxy","status":"publish","type":"post","link":"http:\/\/www.compdigitec.com\/labs\/2010\/11\/14\/correcting-ip-address-of-php-behind-reverse-proxy\/","title":{"rendered":"Correcting IP address of PHP behind a reverse proxy"},"content":{"rendered":"<p>As described in our <a href=\"\/labs\/2010\/10\/30\/reverse-proxy-x-forwarded-for-patches-for-wordpress-comments-and-bad-behaviour\/\">previous post<\/a>, normally the PHP REMOTE_HOST variable only appears as the address of the trusted proxy server. As was also described in the past, this messes up all of the PHP scripts not explicitly designed to work with REMOTE_HOST. But now we have a solution for this &#8211; the apache <a href=\"http:\/\/stderr.net\/apache\/rpaf\/\">mod_rpaf<\/a>. This mod is capable of changing the IP variables in the server superglobal to the actual IP.<\/p>\n<p><strong>Prerequisites<\/strong><br \/>\nInstall the libapache2-mod-rpaf:<\/p>\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">sudo apt-get install libapache2-mod-rpaf<\/pre>\n<p><strong>Procedure<\/strong><\/p>\n<ol>\n<li>Open <strong>\/etc\/apache2\/httpd.conf<\/strong> and add the following text, replacing 1.2.3.4 with the name of your trusted proxy server:\n<pre class=\"brush: xml; title: ; notranslate\" title=\"\">\r\n&lt;IfModule mod_rpaf.c&gt;\r\n\tRPAFenable On\r\n\tRPAFsethostname On\r\n\tRPAFproxy_ips 1.2.3.4\r\n&lt;\/IfModule&gt;\r\n<\/pre>\n<\/li>\n<li>Save the file and restart the Apache server:\n<pre class=\"brush: bash; title: ; notranslate\" title=\"\">sudo \/etc\/init.d\/apache2 restart<\/pre>\n<\/li>\n<\/ol>\n<p><strong>Note<\/strong>: If you are getting 502 Bad Gateway errors coming out of your gateway and you are using IIS, disable the TCP port forwarding in IIS Admin. It can be found in the ARR page -&gt; Proxy. Then uncheck &#8220;include client TCP numbers&#8221;.<\/p>","protected":false},"excerpt":{"rendered":"<p>As described in our previous post, normally the PHP REMOTE_HOST variable only appears as the address of the trusted proxy server. As was also described in the past, this messes up all of the PHP scripts not explicitly designed to work with REMOTE_HOST. But now we have a solution for this &#8211; the apache mod_rpaf. [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[14,3],"tags":[16,725,726,711,693,727,864,729,728],"_links":{"self":[{"href":"http:\/\/www.compdigitec.com\/labs\/wp-json\/wp\/v2\/posts\/194"}],"collection":[{"href":"http:\/\/www.compdigitec.com\/labs\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/www.compdigitec.com\/labs\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/www.compdigitec.com\/labs\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/www.compdigitec.com\/labs\/wp-json\/wp\/v2\/comments?post=194"}],"version-history":[{"count":0,"href":"http:\/\/www.compdigitec.com\/labs\/wp-json\/wp\/v2\/posts\/194\/revisions"}],"wp:attachment":[{"href":"http:\/\/www.compdigitec.com\/labs\/wp-json\/wp\/v2\/media?parent=194"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/www.compdigitec.com\/labs\/wp-json\/wp\/v2\/categories?post=194"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/www.compdigitec.com\/labs\/wp-json\/wp\/v2\/tags?post=194"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}