├── README.textile
└── reverseproxy
    └── plugin.php


/README.textile:
--------------------------------------------------------------------------------
 1 | **This project has been archived, you may fork it and continue to develop it further.**
 2 | 
 3 | **The code may be insecure as it is and no effort to correct any bugs will be taken.**
 4 | 
 5 | h2. YOURLS Reverse Proxy Plugin
 6 | 
 7 | Fixes the user IPs to point to the actual user instead of your cloud provider's infrastructure IPs, for now the following providers and their headers are supported:
 8 | * Cloudflare: This information is gathered from _CF-Connecting-IP_ and applied as a filter to _yourls_get_IP()_
 9 | * Heroku: This information is gathered from _X-Forwarded-For_ and applied as a filter to _yourls_get_IP()_
10 | 
11 | h3. Why?
12 | 
13 | Due to how CloudFlare is essentially a reverse proxy between your server and the internet at large, your server will end up seeing the reverse proxy instead of the client requesting the pagethe server will see the proxy IPs instead of the real IP that[1]
14 | and Heroku has router infrastructure which behaves in a similar fashion.[3]
15 | 
16 | h3. Installation
17 | 
18 | # Fetch/pull/download the repo
19 | # Copy the folder _reverseproxy_ into _YOURLS_ABSPATH/user/plugins_ where _YOURLS_ABSPATH_ is the location your YOURLS install is located in.
20 | # Activate plugin on administrator interface.
21 | # ???
22 | # Profit!
23 | 
24 | 
25 | fn1. "https://support.cloudflare.com/hc/en-us/articles/200170786-Restoring-original-visitor-IPs-Logging-visitor-IP-addresses-with-mod-cloudflare-":https://support.cloudflare.com/hc/en-us/articles/200170786-Restoring-original-visitor-IPs-Logging-visitor-IP-addresses-with-mod-cloudflare-
26 | 
27 | fn2. "https://devcenter.heroku.com/articles/http-routing#heroku-headers":https://devcenter.heroku.com/articles/http-routing#heroku-headers
28 | 


--------------------------------------------------------------------------------
/reverseproxy/plugin.php:
--------------------------------------------------------------------------------
 1 | <?php
 2 | /*
 3 | Plugin Name: ReverseProxy
 4 | Plugin URI: https://github.com/Diftraku/yourls_cloudflare/
 5 | Description: Fixes incoming IPs to use the client IP from reverse proxies
 6 | Version: 2.1
 7 | Author: Diftraku
 8 | */
 9 | 
10 | // Block direct access to the plugin
11 | if( !defined( 'YOURLS_ABSPATH' ) ) die();
12 | 
13 | // Add a filter to get_IP for the real IP instead of the reverse proxy
14 | yourls_add_filter( 'get_IP', 'reverseproxy_get_ip');
15 | function reverseproxy_get_ip( $ip ) {
16 | 	if ( isset( $_SERVER['HTTP_CF_CONNECTING_IP'] ) ) {
17 | 		$ip = $_SERVER['HTTP_CF_CONNECTING_IP'];
18 | 	} elseif ( isset( $_SERVER['HTTP_X_FORWARDED_FOR'] ) ) {
19 | 		$ip = $_SERVER['HTTP_X_FORWARDED_FOR'];
20 | 	} elseif ( isset ( $_SERVER['HTTP_X_REAL_IP'] ) ) {
21 | 		$ip = $_SERVER['HTTP_X_REAL_IP'];
22 | 	}
23 | 	return yourls_sanitize_ip( $ip );
24 | }
25 | 


--------------------------------------------------------------------------------