Set $REMOTE_ADDR to real client IP

Question

I am hosting a WordPress site on Heroku with Nginx. DNS is behind CloudFlare.

My WordPress plugins reports Heroku IPs instead of real client IPs.

I have the following Nginx rules:

location / {
    try_files $uri $uri/ /index.php?$args;

    proxy_set_header    X-Real-IP       $remote_addr;
    proxy_set_header    Host            $host;
    proxy_set_header    X-Forwarded-For $http_cf_connecting_ip;
}

# Allow for internal Heroku router - 10.x.x.x
set_real_ip_from  10.0.0.0/24;

# Allow for external CloudFlare proxies - https://www.cloudflare.com/ips
set_real_ip_from 199.27.128.0/21;
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 104.16.0.0/12;

# Recursively process X-Forwarded-For header
real_ip_recursive on;
real_ip_header    X-Forwarded-For;

Full config can be found on https://github.com/wphuman/heroku-buildpack-php/tree/master/conf/nginx

Whenever WordPress plugins try to read the remote address header $_SERVER['REMOTE_ADDR'], they read a 10.x.x.x Heroku IP.

Is there any way to set REMOTE_ADDR to real client IPs?

Thanks

I have no control on the WordPress plugins. Is there any way to set `REMOTE_ADDR` to `X-Real-IP`? — tangrufus, Jan 06 '15 at 22:30
No. Configure your wordpress. I'm sure there is somw way to do it. Wordpress behind nginx/apache is really common configuration — Alexey Ten, Jan 06 '15 at 22:39
You forgot to include your complete nginx configuration, and it is almost certainly necessary here. Please edit your question to include the configuration, not just a link to it. — Michael Hampton, Jul 08 '15 at 13:47

score -2 · Answer 1 · answered Jul 08 '15 at 02:59

-2

Just add this line:

proxy_set_header REMOTE_ADDR $remote_addr;

answered Jul 08 '15 at 02:59

laike9m

117
4

7

This does not work, as nginx cant force the REMOTE_ADDR because it is determined by proxied server as where the request is coming from that is why there are additional headers needs to be set by proxy server proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; and by proxied server those needs to be checked and overwrited as remote_addr. hope this helps. – Oct 28 '16 at 01:39
This does not work. because the backend server takes $remote_addr variable from socket options and when you set REMOTE_ADDR, actually you set $http_remote_addr not $remote_addr. – Ghasem Pahlavan Oct 23 '19 at 08:47

Set $REMOTE_ADDR to real client IP

1 Answers1