[ad_1]
Hi, team. I run WordPress behind an nginx reverse proxy and login-lockdown blocks the proxy’s IP. I’d suggest this patch. Can it be incorporated?
Thanks!
--- wp-content/plugins/login-lockdown/libs/utility.php.orig
+++ wp-content/plugins/login-lockdown/libs/utility.php
@@ -129,7 +129,9 @@
{
$ip = '';
- if (!empty($_SERVER['REMOTE_ADDR'])) {
+ if(isset($_SERVER['HTTP_X_FORWARDED_FOR']) && !empty($_SERVER['HTTP_X_FORWARDED_FOR'])) {
+ $ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
+ } elseif (!empty($_SERVER['REMOTE_ADDR'])) {
$ip = $_SERVER['REMOTE_ADDR'];
}