Support for Cloudflare

  • Resolved Anonymous User 15053166

    (@anonymized-15053166)


    8 years, 2 months ago

    Could support for Cloudflare’s ‘CF-Connecting-IP’ header (or the ‘X-Forwarded-For’ HTTP header) be added for last login IP? Sites protected by Cloudflare on shared hosting have limited options for getting Cloudflare IP addressed to show up.

Viewing 6 replies - 1 through 6 (of 6 total)
  • Thread Starter Anonymous User 15053166

    (@anonymized-15053166)

    8 years, 2 months ago

    Also, the ‘https://www.ip-adress.com/search’ site does not support IPv6 addresses.

    Thread Starter Anonymous User 15053166

    (@anonymized-15053166)

    8 years, 2 months ago

    Alright. Thank you for the response. I’ve already made some temporary changes to the plugin for real IP addresses to show up. The issue is where the if/else statements check the HTTP headers, and the order does’t seem to be compatible with Cloudflare.

    Plugin Author Andrew Lima

    (@andrewza)

    8 years, 1 month ago

    Hey @wackywired135.

    Thank you for your patience, I am getting the plugin GDPR ready since IP Addresses serve as personal identifying information.

    So with the new update we will be anonymizing the user’s IP address as per Google Analytics.

    I figured to add in a filter wll_user_ip_address which takes a string (ip address 127.0.0.1 for example) that will allow you to:

    1. Get IP address from CloudFlare before IP address is stored + anonymized.
    2. Scramble the IP address further before it’s stored + anonymized.

    This will be released prior to 25 May to be ready for GDPR, other than making the IP anonymous.

    I believe the plugin is already GDPR ready as the only personal information the plugin stores is the user’s IP address if enabled.

    I will need to test this further on a site that uses CloudFlare and see how the IP addresses are handled and I am working hard on getting this out there with a bunch of fixes to When Last Login.

    I hope this helps!

    Thread Starter Anonymous User 15053166

    (@anonymized-15053166)

    8 years, 1 month ago

    Happy to hear the Cloudflare will be supported! Good catch for the GDPR too. By anonymization, do you mean that the user’s IP address will be grabbed (from Cloudflare or normally), obfuscated, then stored?

    A scheduled cron event could also be used to completely delete logs after a certain time period.

    Plugin Author Andrew Lima

    (@andrewza)

    8 years ago

    Yes, we following what Google Anayltics does by removing the last digit of the IP address and replacing it with a 0.

    We are working on a cron job / tool to delete logs that are older than X days. We are still deciding on what is the best way to handle this.

    For clarification, the filter allows you to capture from CloudFlare or any other IP service that may act as a layer for a user and then store the obfuscated IP address.

    This will be released before GDPR date! 🙂

    Thread Starter Anonymous User 15053166

    (@anonymized-15053166)

    8 years ago

    Awesome, thanks for being so responsive! It’s a great plugin for seeing when/if someone’s logged in to a site. Just gave it a review. 🙂

Viewing 6 replies - 1 through 6 (of 6 total)

The topic ‘Support for Cloudflare’ is closed to new replies.

  • 6 replies
  • 0 participants
  • Last reply from: Anonymous User 15053166
  • Last activity: 8 years ago
  • Status: resolved