.htaccess mod for CDN support.

  • networkhosting

    (@networkhosting)


    11 years ago

    Hi,

    Great plugin.

    An issue I found was with IP address control from CloudFlare CDN.

    1) User has IP 100.100.100.100 connects to host (via CloudFlare CDN)
    2) .htaccess file processing sees the REMOTE_ADDR as CloudFlare IP
    3) Plugin in host converts the FORWARDED-FOR back to REMOTE_ADDR.
    4) PHP calls up WordPress see’s the IP as 100.100.100.100 not CloudFlare IP.

    By the looks of the code only htaccess.php needs modding to make this work.

    Solution .htaccess changes to support both CloudFlare and Direct Traffic.

    SetEnvIf X-FORWARDED-FOR 100.100.100.100 deny
    SetEnvIf REMOTE_ADDR 100.100.100.100 deny
    order allow,deny
    deny from env=deny
    allow from all

    I came across it after seeing hackers POST’ing the wp-login.php and the IP’s added to the .htaccess but no blocking happening.

    A lot of providers offer CloudFlare support even if it’s not advertised so I think it would be an awesome feature to support.

    Big Thanks.

Viewing 1 replies (of 1 total)
  • Plugin Author Fresh-Media

    (@jan-paul-kleemans)

    11 years ago

    Hi,

    Thanks for your post.

    I will take a look at it, and include the fix in the next version.

    JP

Viewing 1 replies (of 1 total)

The topic ‘.htaccess mod for CDN support.’ is closed to new replies.