Reverse proxy / firewall options – HTTP header

  • Resolved WPinThai

    (@wpinthai)


    1 year ago

    In WP Activity Log, Settings, General tab, Reverse proxy / firewall options, I believe I need to select a HTTP header based on the Firewall plugin I have on my website.

    I have the Wordfence plugin with the Firewall active on my website.

    I look in Wordfence, All Options, General Wordfence Options, “How does Wordfence get IPs” and see it is set as “Let Wordfence use the most secure method to get visitor IP addresses. Prevents spoofing and works with most sites. (Recommended)”.

    Based on one of their webpages (https://www.wordfence.com/help/dashboard/options/), I believe this means Wordfence will try to get a valid IP address from PHP. If that does not work, it will look at headers that a firewall or reverse proxy sends in case my site uses this configuration.

    • Please can you tell me which HTTP header I need to select in WP Activity Log, Settings, General tab, Reverse proxy / firewall options

    Thanks in advance

    Simon

Viewing 5 replies - 1 through 5 (of 5 total)
  • Plugin Support Lucian Padureanu

    (@lucianwpwhite)

    1 year ago

    Hello @wpinthai,

    Thank you for reaching out and for the detailed information — much appreciated!

    I just wanted to clarify that in your case, you do not need to configure anything under the “Reverse proxy / firewall options” in the WP Activity Log plugin settings. That option is intended for setups using remote Web Application Firewalls (WAFs) or reverse proxies, where the real visitor IP might be masked or replaced in HTTP headers.

    Since you’re using Wordfence, and its firewall is running locally on your website, there’s no need to specify or select a custom HTTP header. The plugin will correctly detect the IP address without any additional configuration.

    Let us know if you have any other questions — always happy to help!

    Thread Starter WPinThai

    (@wpinthai)

    1 year ago

    Hi Lucian

    Thank you very much for you reply.

    Am I right in thinking that when you say “remote Web Application Firewalls (WAFs)” you mean “Cloud-based” firewalls and/or Host-Provider-based Firewalls?

    So, because my host provider plan does not provide a Host-Provider-based Firewall I should set the Reverse proxy / firewall option in your plugin to … No ?

    Plugin Support robertabela

    (@robert681)

    1 year ago

    Correct, you do not need to change that setting. It should be set to No.

    Is there anything else we can assist you with in the meantime?

    Thread Starter WPinThai

    (@wpinthai)

    1 year ago

    Thank you very much for confirming.

    I would like to suggest someone in Support gets an update made (based on the info in this ticket) to the explanation text in your KB article at https://melapress.com/support/kb/wp-activity-log-support-reverse-proxies-web-application-firewalls/?utm_source=plugin&utm_medium=link&utm_campaign=wsal

    I think it will deflect some calls and help other people for you ;O)

    Simon

    Plugin Support robertabela

    (@robert681)

    1 year ago

    Thank you for the feedback. We will take care of that @wpinthai

    Should you have any other questions, please do not hesitate to ask. May I ask you for a small favour? Please spare a minute to rate our plugin and service. These ratings are really helpful.

    Thank you and have a good day.

Viewing 5 replies - 1 through 5 (of 5 total)

The topic ‘Reverse proxy / firewall options – HTTP header’ is closed to new replies.