Title: Wordfence problem when using Reverse Proxy. Last modified: September 17, 2023 --- # Wordfence problem when using Reverse Proxy. * Resolved [Hoang Nam](https://wordpress.org/support/users/gnam389/) * (@gnam389) * [2 years, 8 months ago](https://wordpress.org/support/topic/wordfence-problem-when-using-reverse-proxy/) * Hello, when I use this plugin and enable the Reverse Proxy feature, an unexpected error occurs. For example, if a visitor logs in with the wrong password many times using the admin user, Wordfence will block the IP of the Reverse Proxy VPS but will not block the visitor’s IP address. Is there any way to fix this? Thank you. Viewing 2 replies - 1 through 2 (of 2 total) * Plugin Support [wfpeter](https://wordpress.org/support/users/wfpeter/) * (@wfpeter) * [2 years, 8 months ago](https://wordpress.org/support/topic/wordfence-problem-when-using-reverse-proxy/#post-17058895) * Hi [@gnam389](https://wordpress.org/support/users/gnam389/), thanks for getting in touch. * The reverse proxy address _may_ still be seen by the site using one of the `REMOTE_ADDR`,` CF-Connecting-IP`, `X-Real-IP`, or `X-Forwarded-For` values so the genuine visitor IP may be in one of the others or comma-separated with another. * Take note of your own IP on your main device: [https://www.whatsmyip.org](https://www.whatsmyip.org). Then head over to **Wordfence > All Options > General Wordfence Options > How does Wordfence get IPs** and reference the area under that section that says ** Detected IPs** and **Your IP** with this setting. See if any of the options there when picked accurately reflect **your** IP. If one does, don’t forget to hit the **SAVE CHANGES** button in the top-right after you’re done. * If the visitor IP is present but being sent comma-separated with a proxy or other address, you can allow for this by clicking on the text link “**+Edit trusted proxies**” and add the IP that isn’t yours to exclude it from detection. * If the visitor IP isn’t present at all, this can be down to a misconfigured reverse proxy and the administrator/host will need to start sending this information for Wordfence to accurately detect visitors. * Let us know how you get on! Peter. * [traqbar](https://wordpress.org/support/users/traqbar/) * (@traqbar) * [2 years, 2 months ago](https://wordpress.org/support/topic/wordfence-problem-when-using-reverse-proxy/#post-17496381) * I was getting blocked once I installed a nginx reverse proxy. Adding the below code helped resolve the correct visitor IP to be received and resolving https issues. * ```wp-block-code if ($_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') $_SERVER['HTTPS']='on'; if ( isset( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) { $mte_xffaddrs = explode( ',', $_SERVER['HTTP_X_FORWARDED_FOR'] ); $_SERVER['REMOTE_ADDR'] = $mte_xffaddrs[0]; } ``` Viewing 2 replies - 1 through 2 (of 2 total) The topic ‘Wordfence problem when using Reverse Proxy.’ is closed to new replies. * ![](https://ps.w.org/wordfence/assets/icon.svg?rev=2070865) * [Wordfence Security - Firewall, Malware Scan, and Login Security](https://wordpress.org/plugins/wordfence/) * [Frequently Asked Questions](https://wordpress.org/plugins/wordfence/#faq) * [Support Threads](https://wordpress.org/support/plugin/wordfence/) * [Active Topics](https://wordpress.org/support/plugin/wordfence/active/) * [Unresolved Topics](https://wordpress.org/support/plugin/wordfence/unresolved/) * [Reviews](https://wordpress.org/support/plugin/wordfence/reviews/) * 2 replies * 3 participants * Last reply from: [traqbar](https://wordpress.org/support/users/traqbar/) * Last activity: [2 years, 2 months ago](https://wordpress.org/support/topic/wordfence-problem-when-using-reverse-proxy/#post-17496381) * Status: resolved