Is it possiable to change IP from a middlware?

Moses

Is it possible to change IP from a middleware?

I tried:

$_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];

But it doesn't seem to take effect and I don't want to use in index.php etc since I want to use in extensions.

clarkwinkelmann

Moses middlewares can "modify" the $request object by passing down a modified version down to the next middleware (as the request is actually immutable). Altering the global $SERVER variables will likely have no effect given all parts of Flarum read request information from the ServerRequestInterface object.

Can you give more details on what you're trying to accomplish? Reversing Cloudflare IPs can usually be done through Apache/nginx rules and doesn't require changing the PHP software.

Wadera

Don't play with php code - do it on httpd server level, so you will get correct IP displayed everywhere (logs, applications etc)

Nginx

(where 192.168.1.200 is your proxy server):

server {
    #other junk here blah blah
    set_real_ip_from 192.168.1.200/8;
    real_ip_header X-Real-IP;
    real_ip_recursive on;

    location / {
       #some junk here
    }
}

More: https://calvin.me/forward-ip-addresses-when-using-nginx-proxy

Apache

(where 192.168.1.200 is your proxy server):

RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy 192.168.1.200

More: https://httpd.apache.org/docs/2.4/mod/mod_remoteip.html#remoteiptrustedproxy

On Proxy side

If you are using nginx as a proxy server - it's nice to have this few variable set if you going trough proxy:

proxy_hide_header X-Powered-By;
add_header Content-Security-Policy "upgrade-insecure-requests";
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header Cache-Control "no-transform" always;
add_header Referrer-Policy no-referrer always;
add_header X-Robots-Tag none;

By the way - if you like Docker - strongly recommend this project: NginxProxyManager