chevron_right
chevron_right
Using the X-Forwarded-For (XFF) Header
Technical Support/Troubleshooting

Using the X-Forwarded-For (XFF) Header

Last Updated a month ago
Article Navigation
Introduction
Common Symptoms
Troubleshooting
Tips for Prevention and Maintenance
Related
Need Further Assistance?

Introduction

Welcome to our troubleshooting guide on using the X-Forwarded-For (XFF) header with Ezoic. This article aims to help you understand the purpose of the XFF header, its common usage scenarios, and how to implement it on your website. By the end of this guide, you will be able to add the XFF header to your PHP, .NET, or WordPress site to ensure that the originating IP address of your users is correctly passed along, even when routing through Ezoic's servers. This is crucial for preventing issues like origin errors or captchas.

Common Symptoms

Common symptoms that indicate the need for using the X-Forwarded-For (XFF) header include:

  1. Incorrect IP Address in Access Logs: When using Ezoic's platform, the access logs may show Ezoic IP addresses rather than the original IP address of the user. This discrepancy occurs because requests from your website visitors are routed through Ezoic's Amazon Cloud Servers (AWS).
  2. Misidentification as Bot Attacks: Occasionally, hosting companies may misinterpret the requests going via Ezoic as a bot attack, due to the requests originating from a single or a few IP addresses rather than a diverse range of IPs.
  3. Origin Errors: Users might experience origin errors if the original IP is not properly forwarded.
  4. 520 Errors: Another symptom can be the occurrence of 520 errors related to the misinterpretation of requests.
  5. Robot Captcha: Users may also encounter your host's Robot Captcha as a result of the misinterpreted requests.

By implementing the XFF header, these symptoms can be mitigated, as the original IP address of the web visitor will be sent through to your server.

Troubleshooting

Adding the X-Forwarded-For (XFF) header in .PHP and .NET

For PHP: $_SERVER['HTTP_X_FORWARDED_FOR'] 

For .NET: HttpContext.Current.Request.Headers["X-Forwarded-For"]

1. Create a backup of your site. You can use tools such as  PHPmyadmin to do this.

2. You will need to put the XFF code in a file that all of your pages access, such as header.php, init.php, or config.php.

3. In one of those files, you should already see $_SERVER['REMOTE_ADDR'] which you can replace with $_SERVER['HTTP_X_FORWARDED_FOR'].

Adding the X-Forwarded-For (XFF) header in WordPress

1. Go to your wp-config.php file

2. The location in the file where you add the code will differ depending on your theme. If you are unsure, please contact your theme's owners.

3. Once you know the correct location, copy and paste the following code into the file

              // Use X-Forwarded-For HTTP Header to Get Visitor's Real IP Address
              if ( isset( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
                  $http_x_headers = explode( ',', $_SERVER['HTTP_X_FORWARDED_FOR'] );
                  $_SERVER['REMOTE_ADDR'] = $http_x_headers[0];
              }
            

Alternative Method for WordPress: You can use the Proxy Real IP WordPress plugin available at WordPress Plugin - Proxy Real IP to add the code for you. Note that the effectiveness of this plugin depends on the origin server configuration. Adding the code with the plugin will be effective for some publishers but not all.

Additional Step for Both Methods: 

After implementing the X-Forwarded-For header, you will need to inform your host. They will need to do additional configuring on their end to allow the requests to pass through as expected.

Tips for Prevention and Maintenance

To ensure optimal performance and avoid issues related to the X-Forwarded-For (XFF) header, consider the following tips:

  1. Regular Backups: Before modifying any files, always create a backup of your site.
  2. Stay Updated: Keep your server and related software up to date to minimize compatibility issues and security vulnerabilities. This includes keeping plugins, themes, and the core software updated.
  3. Monitor Logs: Regularly monitor your server logs to ensure that the XFF header is functioning correctly and the original user IP addresses are being recorded as intended.
  4. Consult Documentation: Always refer to the official documentation of your web server, proxy, or load balancer for specific instructions and best practices related to the XFF header.

Following these tips can help maintain the seamless functionality of the XFF header and prevent common issues related to IP address forwarding.

Related

If the X-Forwarded-For method doesn't help, please see this article about how to fix origin errors for more solutions to try.

Need Further Assistance?

If you need further assistance with implemention of an XFF header, please log in via https://support.ezoic.com/ to make use of our dedicated resources for support. We're here to help!
× Enlarged Image

Loading ...