Detecting visitor IP - Githubissues

harrystech / prelaunchr

A small and simple Rails 4 project that is ready to be used as a prelaunch site. It includes all the necessary requirements like prize groups, open/closed states, and simple social sharing.

MIT License

888 stars 532 forks source link

Detecting visitor IP #9

Open waruboy opened 10 years ago

waruboy commented 10 years ago

In the users_controller, you use request.env['HTTP_X_FORWARDED_FOR'] to detect the visitor IP. In my case, I'm using a standalone phusion passenger setup, and found it not working.

I change it to request.remote_ip, then it works. Later, I change my setup using nginx in front of phusion passenger. Still works.

Is there any reason you use request.env['HTTP_X_FORWARDED_FOR'] instead of request.remote_ip ?

werkshy commented 10 years ago

We tend to run Rails apps on Heroku, in which case the routing layer acts as an HTTP proxy and request.ip is the IP of the proxy, not the user. The correct approach would be to use 'X-Forwarded-For' only if it is present:

request.env.fetch('HTTP_X_FORWARDED_FOR', request.remote_ip)

danielschwartz commented 10 years ago

^^ what this guy said

manusajith commented 10 years ago

@werkshy @danielschwartz I too faced similar situation using nginx and phusion passenger and had to tweak that piece of code. Would be great if this is changed in the code or add some reference in the README regarding this.

sl4vr commented 8 years ago

I've made pull request https://github.com/harrystech/prelaunchr/pull/43 with solution.