white hornet
I'm currently trying to fetch the auth user IP in a controller.
I've tried:
$request->server('REMOTE_ADDR')
$request->getClientIp()
$request->ip()
but they always return 127.0.0.1 . For reference, I'm using a standard digitalocean server deployed with forge.
Why is this happening?
lusty falcon
Then you're probably behind a proxy. You should then configure the TrustedProxies middleware; https://laravel.com/docs/10.x/requests#configuring-trusted-proxies
white hornet
Then you're probably behind a proxy. You should then configure the `TrustedProxi...
I'm being a proxy? like a vpn? Or my server is behind a proxy?
lusty falcon
The request to your Laravel app is being proxied
white hornet
The request to your Laravel app is being proxied
I see. So how do I figure out what IP to add to this list? Would I be adding 127.0.0.1 ?
novel vale
You might see this if you check your nginx (or equivalent) access logs
white hornet
You might see this if you check your `nginx` (or equivalent) access logs
I'm looking at my nginx access logs but there's a lot of IPs here. What specifically should I be looking for?
novel vale
If you have a proxy before that step, you should see that same IP for every request I think
Note that there may be more than one IP per row, if the proxies add their IP
If your backend is not reachable (no public url/ip) by anything except your proxy/load balancer, you can put '*' in the TrustedProxies settings
white hornet
If you have a proxy before that step, you should see that same IP for every requ...
you should see that same IP for every request I think
I don't think so
does adding '*' to the trusted proxies list make my app vulnerable in some way?
white hornet
If I have a proxy I didn't set it up intentionally. This is the server that the website is hosted on
this is a pretty standard deployment of forge > create droplet. The only thing different is that I have octane set up, I guess?
novel vale
Ok, I haven't used Forge but I'm sure there are some TrustedProxies information somewhere
white hornet
I guess I'll try adding 127.0.0.1 to trustedproxies, and if that doesn't work I'll just add '*'
lusty falcon
I guess I'll try adding 127.0.0.1 to trustedproxies, and if that doesn't work I...
You shouldn't add *
white hornet
You shouldn't add `*`
why?
Update: Adding 127.0.0.1 to trustedproxies fixed the issue.
flint turtle
Update: Adding 127.0.0.1 to trustedproxies fixed the issue.
That isn’t the solution, either. You should be adding the IP address(es) or whatever proxy or load balancer your site is being served by.
lusty falcon
That isn’t the solution, either. You should be adding the IP address(es) or what...
Localhost could be the proxy/lb, right? Albeit a weird setup, yes
white hornet
That isn’t the solution, either. You should be adding the IP address(es) or what...
I don't know why it worked but it worked