monicahq / laravel-cloudflare Goto Github PK
View Code? Open in Web Editor NEWAdd Cloudflare ip addresses to trusted proxies for Laravel.
License: MIT License
laravel-cloudflare's People
Contributors
![dependabot-preview[bot] avatar](https://avatars.githubusercontent.com/in/2141?v=4 "dependabot-preview[bot]")
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "dependabot[bot]")
Stargazers
Watchers
Forkers
fossabot zae zek sportsmediagb maan56 summercms wjchoi87 jozeflambrecht mvdnbrk mansourbeta laptrinhcomvn fsuuaas jhemmmm whoami15 it-can lyhiving songvessel alitaleghani antoniourraca tahidur tocsindata z1flexiblesolution geekwolverine laravel-shift zhanang19 daiduong47laravel-cloudflare's Issues
Laravel Octane
Is this compatible with Laravel Octane? Won't this have a memory leak because every request you're re-merging $this->proxies using array_merge in https://github.com/monicahq/laravel-cloudflare/blob/main/src/Http/Middleware/TrustProxies.php#L21?
I can´t get the visitor real ip ussing this package
I can´t get the visitor real ip ussing this package, please can you asist me?, thanks!
Dependabot can't resolve your PHP dependency files
Dependabot can't resolve your PHP dependency files.
As a result, Dependabot couldn't update your dependencies.
The error Dependabot encountered was:
Received unexpected http status code 0 without error for https://repo.packagist.org/p2/php-http/promise~dev.json: headers array (
0 => 'HTTP/1.0 200 OK',
) curl info array (
'url' => 'https://repo.packagist.org/p2/php-http/promise~dev.json',
'content_type' => NULL,
'http_code' => 0,
'header_size' => 19,
'request_size' => 481,
'filetime' => -1,
'ssl_verify_result' => 0,
'redirect_count' => 0,
'total_time' => 0.032777,
'namelookup_time' => 0.001371,
'connect_time' => 0.001456,
'pretransfer_time' => 0.011146,
'size_upload' => 0.0,
'size_download' => 0.0,
'speed_download' => 0.0,
'speed_upload' => 0.0,
'download_content_length' => -1.0,
'upload_content_length' => -1.0,
'starttransfer_time' => 0.03277,
'redirect_time' => 0.0,
'redirect_url' => '',
'primary_ip' => '172.20.1.2',
'certinfo' =>
array (
),
'primary_port' => 1080,
'local_ip' => '172.20.1.3',
'local_port' => 55770,
'http_version' => 0,
'protocol' => 2,
'ssl_verifyresult' => 0,
'scheme' => 'HTTPS',
)
If you think the above is an error on Dependabot's side please don't hesitate to get in touch - we'll do whatever we can to fix it.
Add another trusted proxy to array
How can I add another trusted proxy (example 122.0.0.1) to the list of trusted proxies (of Cloudways)? So I want to use both..
in config\trustedproxy.php, I have:
'proxies' => ['122.0.0.1'], // [<ip addresses>,], '*'
in app\Http\Kernel.php I have:
protected $middleware = [
\Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode::class,
// \App\Http\Middleware\TrustProxies::class,
\Monicahq\Cloudflare\Http\Middleware\TrustProxies::class,
// \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
\App\Http\Middleware\TrimStrings::class,
];
Thanks!
Runs in testing and local environments
I just upgraded from 1.x to 3.x as part of a Laravel 8 -> 9 upgrade, and I was surprised my test suite jumped from 90 seconds to over 6 minutes. After profiling with XDebug, I traced it back to this package. The middleware was running on every feature test and fetching the IPs from Cloudflare, then storing to the cache. But since the cache is array for testing, every individual test started with an empty cache causing a lot of calls to Cloudflare.
I'd recommend adding something to the README about this. It was unexpected for me, and I'm probably not the only person who will run into this. Thanks!
Possible to include own trusted proxies as well?
Let's say I want to include CloudFlare IP addresses as trusted proxies, but I also have a load balancer or additional IP addresses that I would like to include in the final list.
Is there a simple way to achieve that using this package?
Best,
laravel6 support please release
CloudFlare did not update their IP range
Noticed that IP: 141.101.104.31 is not on their list, while the do use it.
% This is the RIPE Database query service.
% The objects are in RPSL format.
%
% The RIPE Database is subject to Terms and Conditions.
% See http://www.ripe.net/db/support/db-terms-conditions.pdf
% Note: this output has been filtered.
% To receive output for a database update, use the "-B" flag.
% Information related to '141.101.104.0 - 141.101.111.255'
% Abuse contact for '141.101.104.0 - 141.101.111.255' is '[email protected]'
inetnum: 141.101.104.0 - 141.101.111.255
netname: CLOUDFLARE-EU
descr: CloudFlare CDN network
country: EU
admin-c: CAC80-RIPE
tech-c: CTC6-RIPE
status: ASSIGNED PA
mnt-by: MNT-CLOUDFLARE
mnt-lower: MNT-CLOUDFLARE
mnt-routes: MNT-CLOUDFLARE
created: 2012-09-04T18:27:12Z
last-modified: 2012-09-04T18:34:32Z
source: RIPE
person: Cloudflare Abuse Contact
address: 101 Townsend Street, San Francisco, CA 94107, US
phone: +1 (650) 319-8930
remarks: All Cloudflare abuse reporting can be done via https://www.cloudflare.com/abuse
nic-hdl: CAC80-RIPE
mnt-by: MNT-CLOUDFLARE
created: 2012-06-01T23:27:49Z
last-modified: 2018-06-10T10:14:26Z
source: RIPE Filtered
person: Cloudflare Technical Contact
address: 101 Townsend Street, San Francisco, CA 94107, US
phone: +1 (650) 319-8930
nic-hdl: CTC6-RIPE
mnt-by: MNT-CLOUDFLARE
created: 2012-06-01T23:35:57Z
last-modified: 2018-06-10T10:16:13Z
source: RIPE Filtered
% This query was served by the RIPE Database Query Service version 1.96 (HEREFORD)
Laravel Nova
We could not login into Laravel Nova using this package facing below error.
TrustProxies no longer valid after update to v3.7
Description
After updating to laravel-cloudflare v3.7 the laravel helper request()->isFromTrustedProxy() returns false, meaning any https URL requests get redirected to http, but because I'm enforcing https the project ends up in a 301 redirect loop.
Expected Behavior
I'm expecting the assigned full qualified URL of my resource (in this case a Page on the project website) to match the requested URL or request()->url().
Actual Behavior
Unfortunately the request()->url() returns a scheme of 'http' because the request()->isFromTrustedProxy() returns false.
Context
In my web.php route file I have the following code:
if ( $resource->uri !== '/' && $resource->url !== request()->url() && $resource->url !== request()->url() . '/' ) return redirect($resource->url, 301);
This is designed for the requested resource to redirect to the assigned qualified URL - if the http request doesn't match. This includes redirecting the user if they have used a non-secure scheme to request the resource.
Possible Reason
It seems to be related to how it determines if the current requesting IP is in the Trusted Proxy array as received from Cloudflare. Because the environment 'REMOTE_ADDR' is now being set from 'Cf-Connecting-Ip' it is using the users IP address to determine if it is in the trusted Cloudflare array (which of course it couldn't be).
Your Environment
Laravel v9.21
Laravel does not use fideloper/trustedproxy anymore
Since commit laravel/framework#38295 laravel does not use the fideloper/trustedproxy anymore
Call to a member function get() on null
I am getting the following error while using the package.
Call to a member function get() on null
Its is found at vendor/monicahq/laravel-cloudflare/src/Http/Middleware/TrustProxies.php:18
$proxies = Cache::get($this->config->get('laravelcloudflare.cache'), []);
This is how i add my own proxies
namespace App\Http\Middleware;
#use Fideloper\Proxy\TrustProxies as Middleware;
use App\Abstractions\DBHandler;
use Monicahq\Cloudflare\Http\Middleware\TrustProxies as Middleware;
use Illuminate\Http\Request;
class TrustProxies extends Middleware
{
/**
* The trusted proxies for this application.
*
* @var array|string
*/
protected $proxies;
protected $DBHandler;
/**
* The headers that should be used to detect proxies.
*
* @var int
*/
protected $headers = Request::HEADER_X_FORWARDED_ALL;
public function __construct(DBHandler $DBHandler)
{
$this->DBHandler = $DBHandler;
$this->proxies = $this->DBHandler->getEndpointsMainIPAddresses();
}
}
This package prevents Cloudflare creating a lot of session data in the database?
We have cloudflare enabled on our website, as proxy, and it is creating a lot of sessions into our laravel session DB, I need sometimes after clear the cloudflare cache, to clear all Cloudflare's IP's in the session database like:
delete from sessions where ip_address like '172.69.3.%'; -- cloudflare
delete from sessions where ip_address like '172.68.24.%'; -- cloudflare
delete from sessions where ip_address like '172.68.25.%'; -- cloudflare
delete from sessions where ip_address like '162.158.19%'; -- cloudflare
delete from sessions where ip_address like '162.158.75.%'; -- cloudflare
delete from sessions where ip_address like '162.158.224.%'; -- cloudflare
delete from sessions where ip_address like '108.162.215.%'; -- cloudflare
delete from sessions where ip_address like '173.245.54.%'; -- cloudflare
delete from sessions where ip_address like '172.68.54.%'; -- cloudflare
delete from sessions where ip_address like '162.158.75.%'; -- cloudflare
delete from sessions where ip_address like '108.162.215.%'; -- cloudflare
delete from sessions where ip_address like '173.245.54.%'; -- cloudflare
delete from sessions where ip_address like '141.101.76.%'; -- cloudflare
delete from sessions where ip_address like '188.114.111.%'; -- cloudflare
delete from sessions where ip_address like '162.158.11%'; -- cloudflare
delete from sessions where ip_address like '162.158.7%'; -- cloudflare
delete from sessions where ip_address like '162.158.%'; -- cloudflare
delete from sessions where ip_address like '172.69.3%'; -- cloudflare
delete from sessions where ip_address like '172.69.5%'; -- cloudflare
delete from sessions where ip_address like '172.69.6%'; -- cloudflare
delete from sessions where ip_address like '172.68.6%'; -- cloudflare
delete from sessions where ip_address like '172.69.7%'; -- cloudflare
delete from sessions where ip_address like '172.68.3%'; -- cloudflare
delete from sessions where ip_address like '172.68.2%'; -- cloudflare
delete from sessions where ip_address like '141.101.1%'; -- cloudflare netherlands
delete from sessions where ip_address like '108.162.2%'; -- cloudflare san franciscoRequest upgrade to support Laravel 6.0
Hello
Please upgrade this package to support latest version of Laravel 6.0.
Thanks :)
Does HTTP_CF_CONNECTING_IP affect?
Hi
I added it in public/index.php
if (isset($_SERVER["HTTP_CF_CONNECTING_IP"])) {
$_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}Do I need to remove it?
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.