4

I recently moved a Laravel app from a server to Vapor. This app relies on logging request IP addresses using Request::ip(), but since switching to Vapor, all IPs are logged as 127.0.0.1.

I have looked over the Trusted Proxy docs at https://laravel.com/docs/5.6/requests#configuring-trusted-proxies but we do not have a load balancer set up, so this solution does not appear relevant. I suspect this IP address is coming from the Amazon API Gateway.

How do we get the actual client IP of incoming requests in an app deployed on Vapor?

A minimal example of how we use the IP address is below:

public function store(Request $request)
    {
        $workerIP = $request->ip();
        $worker = Worker::create(['ip_address' => $workerIP]);
        return view('workers.show')->withWorker($worker);

    }
ceejayoz
  • 176,543
  • 40
  • 303
  • 368
Nathan
  • 97
  • 2
  • 9

5 Answers5

13

There is x-vapor-source-ip header in latest Vapor core package (vapor-core:v2.2.1) which exposes Lambda's sourceIp property in order to get the client's real ip safely.

You can retrieve the ip:

Request::header('x-vapor-source-ip')
mikkokut
  • 382
  • 1
  • 12
4

"we do not have a load balancer set up" Yes, you do. The API Gateway is, fundamentally, a proxy of exactly the sort that the trusted proxy configuration is intended for.

Set 'proxies' => '*' in your config/trustedproxy.php file and you should start seeing the right IP addresses.

ceejayoz
  • 176,543
  • 40
  • 303
  • 368
  • This does not work in Laravel Vapor as there are two proxies before the lambda (API Gateway and Cloudfront). I have not figured out any way to retrieve the client's ip securely. – mikkokut Nov 04 '19 at 08:57
  • @mikkokut I'd hit up Vapor support. Chains of `X-Forwarded-For` headers should work fine, but with Vapor being new it's possible they don't have it configured exactly right yet. – ceejayoz Nov 04 '19 at 13:12
  • The problem seems to be related to https://github.com/fideloper/TrustedProxy/issues/107 – mikkokut Nov 04 '19 at 15:49
2

I faced the same problem. The suggested x-vapor-source-ip does not work when CloudFlare is being used like when you use Vapors temporary URL's. When Laravel Vapor sits behind CloudFlare, the User's IP address can be obtained via:

$request->header('cf-connecting-ip');

On actual domain names (non Vapor domains) use:

$request->header('x-vapor-source-ip');

sietse85
  • 1,488
  • 1
  • 10
  • 26
1

I talked to Vapor Support today. They told me to keep TrustProxy default value and let Vapor does the magic. It works. This is my TrustProxy

class TrustProxies extends Middleware
{
/**
 * The trusted proxies for this application.
 *
 * @var array|string
 */
protected $proxies;

/**
 * The headers that should be used to detect proxies.
 *
 * @var int
 */
protected $headers = Request::HEADER_X_FORWARDED_ALL;
}

and to get IP, I m using request()->ip()

Michael Nguyen
  • 1,691
  • 2
  • 18
  • 33
0

If you are looking for the client IP which application is accessing.

then you will check the $_SERVER you will get more information there.

 $_SERVER['HTTP_X_VAPOR_SOURCE_IP']

try out above variable there you get your client ip. also below helper function in Laravel help you to get IP.

function get_client_ip()
{
  $ipaddress = '';
  if (isset($_SERVER['HTTP_CLIENT_IP']))
    $ipaddress = $_SERVER['HTTP_CLIENT_IP'];
  else if (isset($_SERVER['HTTP_X_FORWARDED_FOR']))
    $ipaddress = $_SERVER['HTTP_X_FORWARDED_FOR'];
  else if (isset($_SERVER['HTTP_X_FORWARDED']))
    $ipaddress = $_SERVER['HTTP_X_FORWARDED'];
  else if (isset($_SERVER['HTTP_FORWARDED_FOR']))
    $ipaddress = $_SERVER['HTTP_FORWARDED_FOR'];
  else if (isset($_SERVER['HTTP_X_VAPOR_SOURCE_IP']))
    $ipaddress = $_SERVER['HTTP_X_VAPOR_SOURCE_IP'];
  else if (isset($_SERVER['HTTP_FORWARDED']))
    $ipaddress = $_SERVER['HTTP_FORWARDED'];
  else if (isset($_SERVER['REMOTE_ADDR']))
    $ipaddress = $_SERVER['REMOTE_ADDR'];
  else
    $ipaddress = 'UNKNOWN';
  return $ipaddress;
}

You can tried this function. Thanks.

Yagnik Detroja
  • 921
  • 1
  • 7
  • 22