We use Cloudflare with our nopCommerce website, and when a customer places an order, Cloudflare's IP address is saved as the "Customer IP address" for that order as opposed to the customer's actual IP.
I found some comments online that said I needed to change the "The header used to retrieve the originating client IP" setting in the "Hosting configuration" section of the App Settings to "CF-Connecting-IP", which I did, restarted the app, and it is still saving Cloudflare's IP instead of the customer's IP address.
I have tried having the "User proxy servers" setting on and off, with that "CF-Connecting-IP" value saved, and neither fixed the issue. We've even added Cloudflare's IP ranges in the "Addresses of known proxies" and that did not fix the issue.
How can I make it log the customer's IP? While I do have admin access, I do not have direct access to the code, so making a source code change is not really feasible. Is there nothing in the settings that work? We can't be the only ones facing this issue.
Cloudflare issue
MVP
- 11328
- 101032
- 22/05/2011
- United States
Maybe this will help, but otherwise it may be best to contact Cloudflare support.
https://stackoverflow.com/questions/20113296/how-to-set-the-x-forwarded-for-header-on-iis-reverse-proxy-setup
https://stackoverflow.com/questions/20113296/how-to-set-the-x-forwarded-for-header-on-iis-reverse-proxy-setup
- 13
- 105
- 20/02/2019
- United States
I am seeking clarification regarding the functionality of the 'The header used to retrieve the originating client IP' setting in the 'Hosting configuration' section. It appears that despite Cloudflare sending the header IP information as expected, there seems to be an issue with nopCommerce recognizing it.
To me, Cloudflare is performing as expected, it's the nopCommerce setting not working as intended.
To me, Cloudflare is performing as expected, it's the nopCommerce setting not working as intended.
Membri del team
- 16616
- 155915
- 22/10/2008
- Armenia
Thanks a lot for reporting. We'll investigate it soon - https://github.com/nopSolutions/nopCommerce/issues/6953
- 7
- 45
- 19/01/2020
- United Arab Emirates
jfurn wrote:
Did you find solution for the issue. I tried nopcomemrce bug fix but until now the issue happening.
We use Cloudflare with our nopCommerce website, and when a customer places an order, Cloudflare's IP address is saved as the "Customer IP address" for that order as opposed to the customer's actual IP.
I found some comments online that said I needed to change the "The header used to retrieve the originating client IP" setting in the "Hosting configuration" section of the App Settings to "CF-Connecting-IP", which I did, restarted the app, and it is still saving Cloudflare's IP instead of the customer's IP address.
I have tried having the "User proxy servers" setting on and off, with that "CF-Connecting-IP" value saved, and neither fixed the issue. We've even added Cloudflare's IP ranges in the "Addresses of known proxies" and that did not fix the issue.
How can I make it log the customer's IP? While I do have admin access, I do not have direct access to the code, so making a source code change is not really feasible. Is there nothing in the settings that work? We can't be the only ones facing this issue.
I found some comments online that said I needed to change the "The header used to retrieve the originating client IP" setting in the "Hosting configuration" section of the App Settings to "CF-Connecting-IP", which I did, restarted the app, and it is still saving Cloudflare's IP instead of the customer's IP address.
I have tried having the "User proxy servers" setting on and off, with that "CF-Connecting-IP" value saved, and neither fixed the issue. We've even added Cloudflare's IP ranges in the "Addresses of known proxies" and that did not fix the issue.
How can I make it log the customer's IP? While I do have admin access, I do not have direct access to the code, so making a source code change is not really feasible. Is there nothing in the settings that work? We can't be the only ones facing this issue.
Did you find solution for the issue. I tried nopcomemrce bug fix but until now the issue happening.
Membri del team
- 16616
- 155915
- 22/10/2008
- Armenia
Hosam.Bedawy wrote:
Yes, this fix works fine (of course, tested)
Did you find solution for the issue. I tried nopcomemrce bug fix but until now the issue happening.
Yes, this fix works fine (of course, tested)
- 7
- 45
- 19/01/2020
- United Arab Emirates
a.m. wrote:
Sorry i have limited experience but after applying the fix and test it's working fine with IPv4 but not working as expected with IPv6.
Did you find solution for the issue. I tried nopcomemrce bug fix but until now the issue happening.
Yes, this fix works fine (of course, tested)
Yes, this fix works fine (of course, tested)
Sorry i have limited experience but after applying the fix and test it's working fine with IPv4 but not working as expected with IPv6.
- 7
- 45
- 19/01/2020
- United Arab Emirates
After checking found that the code in WebHelper
public virtual string GetCurrentIpAddress()
{
if (!IsRequestAvailable())
return string.Empty;
if(_httpContextAccessor.HttpContext.Connection?.RemoteIpAddress is not IPAddress remoteIp)
return "";
if(remoteIp.Equals(IPAddress.IPv6Loopback))
return IPAddress.Loopback.ToString();
return remoteIp.MapToIPv4().ToString();
}
Maps an IPv6 address to its IPv4 equivalent. but giving wrong IP.
I applied update this way which give the results correctly.
public virtual string GetCurrentIpAddress()
{
if (!IsRequestAvailable())
return string.Empty;
var remoteIpAddress = _httpContextAccessor.HttpContext.Connection?.RemoteIpAddress;
if (remoteIpAddress is not null)
{
// If it's an IPv6 address, return it directly
if (remoteIpAddress.AddressFamily == System.Net.Sockets.AddressFamily.InterNetworkV6)
return remoteIpAddress.ToString();
// If it's an IPv4-mapped IPv6 address, extract the IPv4 part
if (remoteIpAddress.IsIPv4MappedToIPv6)
return remoteIpAddress.MapToIPv4().ToString();
return remoteIpAddress.ToString();
}
return string.Empty;
}
Please correct me if it's wrong way to do it.
Thanks,
public virtual string GetCurrentIpAddress()
{
if (!IsRequestAvailable())
return string.Empty;
if(_httpContextAccessor.HttpContext.Connection?.RemoteIpAddress is not IPAddress remoteIp)
return "";
if(remoteIp.Equals(IPAddress.IPv6Loopback))
return IPAddress.Loopback.ToString();
return remoteIp.MapToIPv4().ToString();
}
Maps an IPv6 address to its IPv4 equivalent. but giving wrong IP.
I applied update this way which give the results correctly.
public virtual string GetCurrentIpAddress()
{
if (!IsRequestAvailable())
return string.Empty;
var remoteIpAddress = _httpContextAccessor.HttpContext.Connection?.RemoteIpAddress;
if (remoteIpAddress is not null)
{
// If it's an IPv6 address, return it directly
if (remoteIpAddress.AddressFamily == System.Net.Sockets.AddressFamily.InterNetworkV6)
return remoteIpAddress.ToString();
// If it's an IPv4-mapped IPv6 address, extract the IPv4 part
if (remoteIpAddress.IsIPv4MappedToIPv6)
return remoteIpAddress.MapToIPv4().ToString();
return remoteIpAddress.ToString();
}
return string.Empty;
}
Please correct me if it's wrong way to do it.
Thanks,
Membri del team
- 550
- 6660
- 17/12/2015
- Armenia
Hi. In 4.70 we took into account the incorrect operation of the GetCurrentIpAddress method; details can be found in this ticket. Overall, you did everything right. But we abandoned the idea of mapping v6 to v4, even if it was possible, to preserve the original IP