From e7ecda7578ea72738e2791e2b15612d907ae8ced Mon Sep 17 00:00:00 2001 From: Seamus Lee Date: Wed, 17 Jul 2019 00:39:08 +1000 Subject: [PATCH] Ensure that if present the HTTP_X_FORWARDED_FOR IP address is used instead of the SERVER_ADDR when logging items from the IDS Update Core IP address to match IDS Pattern --- CRM/Core/IDS.php | 6 ++---- 1 file changed, 2 insertions(+), 4 deletions(-) diff --git a/CRM/Core/IDS.php b/CRM/Core/IDS.php index 4d0d513e2c01..02e9730d2d63 100644 --- a/CRM/Core/IDS.php +++ b/CRM/Core/IDS.php @@ -247,10 +247,8 @@ public function react(IDS_Report $result) { * @return bool */ private function log($result, $reaction = 0) { - $ip = (isset($_SERVER['SERVER_ADDR']) && - $_SERVER['SERVER_ADDR'] != '127.0.0.1') ? $_SERVER['SERVER_ADDR'] : ( - isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '127.0.0.1' - ); + // Include X_FORWARD_FOR ip address if set as per IDS patten. + $ip = $_SERVER['REMOTE_ADDR'] . (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? ' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')' : ''); $data = []; $session = CRM_Core_Session::singleton();