[Koha-bugs] [Bug 36304] New: Update C4::Auth in_iprange function to work when Koha is hosted behind a cloudflare proxy
bugzilla-daemon at bugs.koha-community.org
bugzilla-daemon at bugs.koha-community.org
Wed Mar 13 09:17:01 CET 2024
https://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=36304
Bug ID: 36304
Summary: Update C4::Auth in_iprange function to work when Koha
is hosted behind a cloudflare proxy
Change sponsored?: ---
Product: Koha
Version: 23.05
Hardware: All
OS: All
Status: NEW
Severity: major
Priority: P5 - low
Component: Architecture, internals, and plumbing
Assignee: koha-bugs at lists.koha-community.org
Reporter: vanoudt at gmail.com
QA Contact: testopia at bugs.koha-community.org
Created attachment 163104
-->
https://bugs.koha-community.org/bugzilla3/attachment.cgi?id=163104&action=edit
Patch CF::Auth in_iprange to allow for CloudFlare proxying
When Koha is run behind a cloudflare proxy, cloudflare obfuscates the
REMOTE_ADDR that is provided to koha. It does, however, add another header that
we can use to check the actual origin of the client - HTTP_CF_CONNECTING_IP.
This patch simply checks to see if this new header is present, indicating koha
is behind the cloudflare poroxy, and uses it instead of REMOTE_ADDR to check if
a client's IP address is in a valid range.
--
You are receiving this mail because:
You are the assignee for the bug.
You are watching all bug changes.
More information about the Koha-bugs
mailing list