CODEWITHSUNDEEP
symfonyreverse-proxy
Koc
Koc

Reputation: 2375

Symfony's Request and reverse proxy

I've apache2 and nginx. I set "trust proxy headers" to true in configuration, but anyway get internal ip when calls $request->getClientIp(); What do I wrong?

If I calling getClientIp with parameter $proxy = true then I getting correct IP. But there is configuration where proxy headers enabled, aren't that enough?

Upvotes: 4

Views: 4223

Answers (2)

Koc
Koc

Reputation: 2375

Actually this is an issue, fixed by this merge https://github.com/symfony/symfony/commit/40599ec0a24e688ef5903e2bd3cfb29b5ab29a18

Upvotes: 1

Inoryy
Inoryy

Reputation: 8425

In short: you always need to use $proxy = true if you're planning on using some kind of reverse proxy. With this parameter set (and trustProxyData(); enabled), $this->getClientIp(); will return the correct IP with reverse proxy.

Explanation: even after configured, proxy headers will return HTTP_X_FORWARDED_FOR or HTTP_CLIENT_IP as the user IP, while REMOTE_ADDR will return server localhost address (most likely 127.0.0.1). $proxy = true checks exactly that. Here's the source code for this function:

public function getClientIp($proxy = false)
{
    if ($proxy) {
        if ($this->server->has('HTTP_CLIENT_IP')) {
            return $this->server->get('HTTP_CLIENT_IP');
        } elseif (self::$trustProxy && $this->server->has('HTTP_X_FORWARDED_FOR')) {
            return $this->server->get('HTTP_X_FORWARDED_FOR');
        }
    }

    return $this->server->get('REMOTE_ADDR');
}

Upvotes: 0

Related Questions