Title: Obtaining the Real IP Address of Visitors After Using CDN in Wordpress
Tags: WordPress
ID: '1037'
Categories:
-
- Tutorial
Date: 2019-11-17 19:13:44
Cover:
AI: true
- Tutorial
Explanation: Due to using a Hong Kong server to bypass the record filing process in China, when viewing comments in the Wordpress backend, the IP address displayed is that of the CDN instead of the actual visitor's IP address. This is not a significant issue. However, recently, when the Limit Login Attempts plugin sent me an email about someone attempting to brute force the backend password, the displayed IP address was also that of the CDN. It is troublesome to block the CDN IP address, so I searched for a solution and found one in a tutorial on Baidu Baike.
- Use software like WinSCP to open the
wp-config.phpfile in Wordpress. - Paste the following code after the first
<!--?phptag in thewp-config.phpfile:
if(isset($_SERVER['HTTP_X_FORWARDED_FOR']))
{
$list = explode(‘,’,$_SERVER['HTTP_X_FORWARDED_FOR']);
$_SERVER['REMOTE_ADDR'] = $list[0];
}
- Save the modified file.
- Update the
wp-config.phpfile in your Wordpress directory.
Principle Analysis: In our Wordpress, we use the "REMOTE_ADDR" function to obtain the visitor's IP address. By replacing the function with "HTTP_X_FORWARDED_FOR", it usually solves the issue.