Add method to get real IP from CloudFlare headers

2026-01-07 10:41:40 +09:00 · 2016-02-02 09:30:00 +09:00 · 2016-02-02 09:30:00 +09:00 · 343ad39b79
commit 343ad39b79
parent c23ebdb4aa
3 changed files with 47 additions and 23 deletions
--- a/common/constants.php
+++ b/common/constants.php
@ -51,6 +51,11 @@ else
 /**
 * RX_CLIENT_IP_VERSION and RX_CLIENT_IP contain information about the current visitor's IP address.
 */
+if (isset($_SERVER['HTTP_CF_CONNECTING_IP']))
+{
+	include_once __DIR__ . '/framework/ipfilter.php';
+	Rhymix\Framework\IpFilter::getCloudFlareRealIP();
+}
 if (isset($_SERVER['REMOTE_ADDR']) && preg_match('/[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/', $_SERVER['REMOTE_ADDR'], $matches))
 {
    define('RX_CLIENT_IP_VERSION', 4);
--- a/common/defaults/cloudflare.php
+++ b/common/defaults/cloudflare.php
@ -6,27 +6,23 @@
 * See: https://www.cloudflare.com/ips
 */
 return array(
-	'ipv4' => array(
-		'103.21.244.0/22',
-		'103.22.200.0/22',
-		'103.31.4.0/22',
-		'104.16.0.0/12',
-		'108.162.192.0/18',
-		'141.101.64.0/18',
-		'162.158.0.0/15',
-		'172.64.0.0/13',
-		'173.245.48.0/20',
-		'188.114.96.0/20',
-		'190.93.240.0/20',
-		'197.234.240.0/22',
-		'198.41.128.0/17',
-		'199.27.128.0/21',
-	),
-	'ipv6' => array(
-		'2400:cb00::/32',
-		'2405:8100::/32',
-		'2405:b500::/32',
-		'2606:4700::/32',
-		'2803:f800::/32',
-	),
+	'103.21.244.0/22',
+	'103.22.200.0/22',
+	'103.31.4.0/22',
+	'104.16.0.0/12',
+	'108.162.192.0/18',
+	'141.101.64.0/18',
+	'162.158.0.0/15',
+	'172.64.0.0/13',
+	'173.245.48.0/20',
+	'188.114.96.0/20',
+	'190.93.240.0/20',
+	'197.234.240.0/22',
+	'198.41.128.0/17',
+	'199.27.128.0/21',
+	'2400:cb00::/32',
+	'2405:8100::/32',
+	'2405:b500::/32',
+	'2606:4700::/32',
+	'2803:f800::/32',
 );
--- a/common/framework/ipfilter.php
+++ b/common/framework/ipfilter.php
@ -91,6 +91,29 @@ class IpFilter
 		return false;
 	}
 	
+	/**
+	 * Get real IP from CloudFlare headers.
+	 * 
+	 * @return string|false
+	 */
+	public static function getCloudFlareRealIP()
+	{
+		if (!isset($_SERVER['HTTP_CF_CONNECTING_IP']))
+		{
+			return false;
+		}
+		
+		$cloudflare_ranges = (include RX_BASEDIR . 'common/defaults/cloudflare.php');
+		foreach ($cloudflare_ranges as $cloudflare_range)
+		{
+			if (self::inRange($_SERVER['REMOTE_ADDR'], $cloudflare_range))
+			{
+				return $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
+			}
+		}
+		return false;
+	}
+	
 	/**
 	 * Check whether the given IPv4 address belongs to a IPv4 CIDR range with mask.
 	 *