[Release] Incapsula Real IP revCMS

  1. #1
    Zedd

    Hello, RaGEZONE.

    As many noobs have problems with Incapsula and revCMS, I decided to release the fix for the real IP with Incapsula.

    First, open your global.php and replace everything with THIS. Voilà. Every user should now have the real IP in "ip_reg", and not the Incapsula proxy IP.

    I hope this will be useful for noobs.

    Enjoy!


  2. #2
    Sve9n

    Thanks man

  3. #3
    Vexq

    Or use:
    $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_INCAP_CLIENT_IP"] ? $_SERVER["HTTP_INCAP_CLIENT_IP"] : $_SERVER["REMOTE_ADDR"];

  4. #4
    Spot Ify

    > Originally posted by Vexq:
    > Or use:
    > $_SERVER['REMOTE_ADDR'] = $_SERVER["HTTP_INCAP_CLIENT_IP"] ? $_SERVER["HTTP_INCAP_CLIENT_IP"] : $_SERVER["REMOTE_ADDR"];

    You know that HTTP_INCAP_CLIENT_IP can be changed with a simple HTTP header changer... And that a CMS like revCMS doesn't filter it... So you can run MySQL exploits... PS: you can do that with Cloudflare too...

    - Spot Ify

  5. #5
    Zedd

    > Originally posted by Sve9n:
    > Thanks man

    No problem.

    - - - Updated - - -

    > Originally posted by Exonize:
    > By looking at that file you are the only noob here. I don't use Incapsula but you could easily get the real IP with 2 lines of code and without messing up the CMS.

    If you just have shit to post on EVERY thread I post, just f*k off.

  6. #6
    BurakDev

    Using your method, you allow IP spoofing if a hacker has the real IP of the server (some way to get it).

  7. #7
    Zedd

    Actually, I'm personally using Incapsula for CDN.

  8. #8
    Jonteh

    > Originally posted by Spot Ify:
    > You know that HTTP_INCAP_CLIENT_IP can be changed with a simple HTTP header changer... And that a CMS like revCMS doesn't filter it... So you can run MySQL exploits... PS: you can do that with Cloudflare too...
    >
    > - Spot Ify

    You can't do it with CF anymore because I reported it to them.

  9. #9
    Spot Ify

    > Originally posted by Jonteh:
    > You can't do it with CF anymore because I reported it to them.

    To whom? To all retros, or did you report it to Cloudflare...
    Because it's not a Cloudflare issue, it's a code issue, because if you know the real IP...
    Then you can change the host so the server thinks you are entering the website from the real domain (if they have the bindings at the domain in IIS).
    And then you have a direct connection, and over a direct connection you can set the HTTP headers because there is no Cloudflare to delete the header...

    There are easy fixes for this: validating the header (I recommend that),
    or allowing only the Cloudflare IPs in IIS with IP and Domain Restrictions (I recommend this too because it's also for the anti-DDoS ;p)

    - Spot Ify
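
The two fixes recommended in the post above (validate the header, and accept it only from the proxy's addresses), done at application level in PHP. This is an added example, not part of any post in this thread and not revCMS code; the trusted ranges are placeholder documentation addresses, and `ip_in_cidr()` and `client_ip()` are hypothetical helper names.

```php
<?php
// Added example. Placeholder ranges from documentation address space:
// replace them with the ranges your proxy provider publishes.
const TRUSTED_PROXY_CIDRS = ['198.51.100.0/24', '2001:db8::/32'];

// True when $ip lies inside $cidr (IPv4 or IPv6).
function ip_in_cidr(string $ip, string $cidr): bool
{
    $parts  = explode('/', $cidr, 2);
    $ipBin  = @inet_pton($ip);
    $netBin = @inet_pton($parts[0]);
    if ($ipBin === false || $netBin === false || strlen($ipBin) !== strlen($netBin)) {
        return false; // unparsable, or different address families
    }
    $bits = $parts[1] ?? (string) (strlen($ipBin) * 8);
    if (!ctype_digit($bits) || (int) $bits > strlen($ipBin) * 8) {
        return false; // malformed prefix length must never widen the match
    }
    $bytes = intdiv((int) $bits, 8);
    if (strncmp($ipBin, $netBin, $bytes) !== 0) {
        return false; // whole-byte part of the prefix differs
    }
    $rest = (int) $bits % 8;
    if ($rest === 0) {
        return true;
    }
    $mask = (0xFF << (8 - $rest)) & 0xFF; // leftover high bits of the next byte
    return (ord($ipBin[$bytes]) & $mask) === (ord($netBin[$bytes]) & $mask);
}

// Honour Incap-Client-IP only when the TCP peer is a trusted proxy and the
// header holds exactly one valid IP; otherwise fall back to REMOTE_ADDR.
function client_ip(array $server): string
{
    $peer    = $server['REMOTE_ADDR'] ?? '';
    $claimed = trim($server['HTTP_INCAP_CLIENT_IP'] ?? '');
    foreach (TRUSTED_PROXY_CIDRS as $cidr) {
        if (ip_in_cidr($peer, $cidr) && filter_var($claimed, FILTER_VALIDATE_IP) !== false) {
            return $claimed;
        }
    }
    return $peer; // direct connection or malformed header: ignore the header
}

// Constructed requests: via the proxy, direct to the origin, malformed value.
$viaProxy = ['REMOTE_ADDR' => '198.51.100.7', 'HTTP_INCAP_CLIENT_IP' => '203.0.113.9'];
$direct   = ['REMOTE_ADDR' => '192.0.2.44', 'HTTP_INCAP_CLIENT_IP' => '203.0.113.200'];
$badValue = ['REMOTE_ADDR' => '198.51.100.7', 'HTTP_INCAP_CLIENT_IP' => '203.0.113.9, junk'];
var_dump(client_ip($viaProxy), client_ip($direct), client_ip($badValue));
```

Only the first request gets the header value; the other two fall back to the TCP peer address, so a client that reaches the origin directly cannot choose the IP that is stored.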

  10. #10
    Jonteh

    > Originally posted by Spot Ify:
    > To whom? To all retros, or did you report it to Cloudflare...
    > Because it's not a Cloudflare issue, it's a code issue, because if you know the real IP...
    > Then you can change the host so the server thinks you are entering the website from the real domain (if they have the bindings at the domain in IIS).
    > And then you have a direct connection, and over a direct connection you can set the HTTP headers because there is no Cloudflare to delete the header...
    >
    > There are easy fixes for this: validating the header (I recommend that),
    > or allowing only the Cloudflare IPs in IIS with IP and Domain Restrictions (I recommend this too because it's also for the anti-DDoS ;p)
    >
    > - Spot Ify

    CloudFlare validates the CF connecting IP header before sending it to the website.

    I know this because I used said exploit to hack many websites. I reported it to them and got a year of Pro and a T-shirt, lolz.

  11. #11
    UartigZone

    For me, after I replace it, people still have the proxy IP?

  12. #12
    Spot Ify

    They always did lol, but I'm saying that if you know the real IP of the web server, then you can just skip Cloudflare and have a direct connection, because Cloudflare is just a domain proxy and it has nothing to do with the real web server. So you can still change the header if you know the real IP and add it to your hosts file. Lol

    But if you set up IIS to allow only connections from Cloudflare, it is impossible to do that... But there are just some retros who have that...

    And I just tested it at a big hotel with Cloudflare and it was still possible...

    - Spot Ify

  13. #13
    Zedd

    > Originally posted by UartigZone:
    > For me, after I replace it, people still have the proxy IP?

    Did you replace your whole global.php?

  14. #14
    UartigZone

    > Originally posted by Zedd:
    > Did you replace your whole global.php?

    Yes and still the same ....

  15. #15
    Zedd

    > Originally posted by UartigZone:
    > Yes and still the same ....

    It's working here. Be sure: if you're using an HTTP proxy over Incapsula, it won't work.

  16. #16
    Jonteh

    If you're using a reverse proxy as well as Incapsula, then you'll need to split the forwarded IP, as it will forward 2 lots.

    Code:
    $ips = isset($_SERVER["HTTP_INCAP_CLIENT_IP"]) ? $_SERVER["HTTP_INCAP_CLIENT_IP"] : "";
    $split = array_map('trim', explode(',', $ips)); // entries are comma-separated; strip surrounding spaces
    $one = $split[0]; // most likely your proxy ip
    $two = isset($split[1]) ? $split[1] : null; // probably your real ip (null if only one address was sent)

    You might need to use X_FORWARDED_IP or whatever instead to do the above, not sure. Never used Incapsula.


