XMF Cookbook
  • Introduction
  • XMF Cookbook
  • Basic Ingredients
    • Namespaces
    • Autoloading
    • Debugging
    • Forward Compatibility
  • Recipes
    • Introducing Module Helpers
    • Using the Permission Helper
      • Checking Permissions
      • Managing Item Permissions
    • Using the Session Helper
    • Using JSON Web Tokens
    • Altering Database Tables
    • Migrating a Module's Database
    • Loading Initial Data
    • Module Admin Pages
      • Hide and Seek with Icons
      • Standard Admin Pages
    • Manage Metadata
    • Highlighting Content
  • Reference
    • Assert
      • Assertions
    • Database
      • Migrate
      • TableLoad
      • Tables
        • Getting Started
        • Table Operations
        • Working with Columns
        • Working with Indexes
        • Changing Table Data
        • Interacting with the Work Queue
        • Error Info and Debugging
    • Debug
    • FilterInput
    • Highlighter
    • IPAddress
    • Jwt
      • JsonWebToken
      • KeyFactory
      • TokenFactory
      • TokenReader
    • Key
      • ArrayStorage
      • Basic
      • FileStorage
      • KeyAbstract
      • StorageInterface
    • Language
    • Metagen
      • Extracting Data
      • Applying Data
    • Module
      • Admin
      • Helper
      • Helper
        • AbstractHelper
        • Cache
        • GenericHelper
        • Permission
        • Session
    • ProxyCheck
    • Random
    • Request
    • StopWords
    • Uuid
    • Yaml
  • Credits
  • License:
  • Table of Content
Powered by GitBook
On this page
  1. Reference

ProxyCheck

PreviousSessionNextRandom

Last updated 5 years ago

Xmf\ProxyCheck handles proxy detection for Xmf\IPAddress

Note: There is normally no direct use of this class outside of Xmf\IPAddress.

If your XOOPS system runs behind a proxy such as a load balancer, by default will return the address of your proxy, not the client address.

To have IPAddress use ProxyCheck to report the client IP, establish a proxy_env key in xoops_data/configs/xoopsconfig.php that reflects the header name your proxy is configured to use to indicate the IP address of client that initiated the current request. Note that the value expected is the PHP $_SERVER variable key set to hold that header, not the actual HTTP header name.

Example for :

'proxy_env' => 'HTTP_FORWARDED',

Example for the common Client-IP header:

'proxy_env' => 'HTTP_CLIENT_IP',

Example for the common X-Forwarded-For header:

'proxy_env' => 'HTTP_X_FORWARDED_FOR',

If the $_SERVER key specified in proxy_env exists, the IP address specified in that header will be used by Xmf\IPAddress if it is valid and routable.

Note: This class is intended to be used only with a proxy you (or your hosting) control that sets the header you specifed. That proxy should also NOT forward to you any proxy related headers it did not set. Relying on the IP address in any other context, such as trying to peer behind a client side proxy, raises serious security concerns.

Xmf\IPAddress
RFC 7239