website behind Cloudflare not block because IP is not detected properly

antonioribeiro / firewall

Firewall package for Laravel applications

BSD 3-Clause "New" or "Revised" License

1.39k stars 162 forks source link

website behind Cloudflare not block because IP is not detected properly #156

Closed nachete1987 closed 4 years ago

nachete1987 commented 4 years ago

When the website is behind cloudflare, the IP that is recived in $firewall->getIp() is the cloudflare IP. I resolve it with the following code in '/pragmarx/firewall/src/Filters/Blacklist.php'

if ($firewall->isBlacklisted($ipAddress = isset($_SERVER["HTTP_CF_CONNECTING_IP"])? $_SERVER["HTTP_CF_CONNECTING_IP"] : $request->ip())) {

antonioribeiro commented 4 years ago

Should be fixed in the next version.