Hiawathaproxy 127.0.0.1

[LotsOfQ]

I use WordPress and installed Bulletproof Security. For some reason that plugin is not able to get the server ip address. The plugin display 127.0.0.1 as the server ip.

Code: [Select]

Server|Website IP Address: 127.0.0.1

[LotsOfQ]

By the way, I did asked the plugin creator and they said it might have something to do with Hiawatha server security settings because it blocks similar things that the plugin htaccess codes block.

[MRatWork]

Update to latest version and then run cleanup. After cleanup you will see '/opt/configs/apache/conf/globals/remoteip/conf' if using Apache 2.4.

[LotsOfQ]

So  I see this.

Code: [Select]

<IfModule mod_remoteip.c>
<IfVersion >= 2.4>
#RemoteIPInternalProxy 127.0.0.1

#RemoteIPHeader X-Real-IP
#RemoteIPHeader X-Client-IP
</IfVersion>
So I change 127.0.0.1 to my server ip? And do I need to delete (#) for all there?

[MRatWork]

Try remove '#' and then run restart-web.

[LotsOfQ]

So remove all 3 # like this without changing the ip?

Code: [Select]

<IfModule mod_remoteip.c>
<IfVersion >= 2.4>
RemoteIPInternalProxy 127.0.0.1

RemoteIPHeader X-Real-IP
RemoteIPHeader X-Client-IP
</IfVersion>

[MRatWork]

You need testing according your issue.

[LotsOfQ]

Ok, so I ended using this.

Code: [Select]

<IfModule mod_remoteip.c>
<IfVersion >= 2.4>
RemoteIPInternalProxy 127.0.0.1

#RemoteIPHeader X-Real-IP
#RemoteIPHeader X-Client-IP
</IfVersion>
By doing that, now, part of the plugin works.

I think I should give you more details. Bulletproof Security have a "maintenance mode" and when setup and have it turn on. I should able to work on my WordPress site seeing it normal and edit it but visitors will see a maintenance page.

But that didn't work. I logged and have my ip address added to the whitelist and I still see the maintenance page as visitors do.

Another issue was that before making this change:

Code: [Select]

<IfModule mod_remoteip.c>
<IfVersion >= 2.4>
RemoteIPInternalProxy 127.0.0.1

#RemoteIPHeader X-Real-IP
#RemoteIPHeader X-Client-IP
</IfVersion>I was getting 403 error when I clicked the "Preview" button to preview the maintenance page. After that change, I did able to see the preview.

The main issue is still exist which is it still take me to the maintenance page even with me logged in and ip added to whitelist.

If check Bulletproof Security system info then one thing that is not right according to the creator is that the "Server|Website IP Address: 127.0.0.1". It shows the actual server ip.

He said:

host server/server configuration is breaking BPS MMode

I assume the Proxy configuration problem still exists where your Proxy is misconfigured in a way that it is not passing processing to your backend like a Proxy should always do normally

[MRatWork]

Did you run restart-web after update conf file.

[LotsOfQ]

Yes, I even reboot too.

[LotsOfQ]

+

[MRatWork]

I am not sure about it. Enable remote_ip make trouble with this forum. So, why I make disable about it.

I didn't found this issue for wordpress. Try check 'Bulletproof Security' to how to find remote ip.