Skip to content
/ remote_ip_proxy_scrubber Public

Make it as easy as possible to prevent Rails from logging IP addresses that belong to proxy devices in your HTTP request chain.

License

MIT license
16 stars 4 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

metavida/remote_ip_proxy_scrubber

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

44 Commits
lib
lib
 
 
spec
spec
 
 
.gitignore
.gitignore
 
 
.rspec
.rspec
 
 
.travis.yml
.travis.yml
 
 
Gemfile
Gemfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
Rakefile
Rakefile
 
 
remote_ip_proxy_scrubber.gemspec
remote_ip_proxy_scrubber.gemspec
 
 

Repository files navigation

Gem Version Build Status Code Climate Test Coverage

remote_ip Proxy Scrubber

A project that makes it as easy as possible to prevent Rails from logging IP addresses that belong to proxy devices in your HTTP request chain.

Because Rails has pretty dramatically changed how these sorts of IPs are filtered over the years, this project's ultimate goal is to make life easy on as many Rails versions as possible.

Common Use-cases

Usage

Let's say you've got proxy servers running outside of the local network where your Rails/Rack app is running. In this example, we'll say the IP addresses of these proxy servers are in these IP ranges: 17.0.0.4/30, 17.17.0.8/30

Install the gem

Add the following line to your application's Gemfile:

gem 'remote_ip_proxy_scrubber'

Then run bundle install to install the gem.

Rails: Fixing request.remote_ip

Without this gem, calls to request.remote_ip from your Rails app will return the IP addresses from your proxy servers. Adding the code, below, ensures that request.remote_ip will never return the IP addresses of your proxy servers, and assuming the servers that first process requests from your clients is adding an appropriate X-Forwarded-For header, request.remote_ip will return the real IP address of your clients!

# Add the following to config/application.rb or conifg/environments/*.rb

config.middleware.insert_before(Rails::Rack::Logger, RemoteIpProxyScrubber.filter_middleware, [
  "17.0.0.4/30",
  "17.17.0.8/30",
])

Rails: Fixing logs

Oddly enough, even with request.remote_ip returning the correct value, Rails log will still contain IP addresses from your proxy servers. To fix this, you'll need to tell Rails to use a different logger.

# Add the following to config/application.rb or conifg/environments/*.rb

config.middleware.insert_before(Rails::Rack::Logger, RemoteIpProxyScrubber.patched_logger)
config.middleware.delete(Rails::Rack::Logger)

Other Rack Apps: Fixing request.ip

So long as you're using Rack, you can benefit from this gem! Just add the following near the top of your config.ru file:

use RemoteIpProxyScrubber.filter_middleware, [
  "17.0.0.4/30",
  "17.17.0.8/30",
]

Questions? Contributions?

If this gem isn't working for you, feel free to open up an Issue, or a Pull Request if you've got a proposed solution! I maintain this project in my spare time, so your patience is appreciated.

Credit

Thanks to Haiku Learning for sponsoring the initial development of this gem. We're scratching our own itch, but hopefully it's helpful for you too!

About

Make it as easy as possible to prevent Rails from logging IP addresses that belong to proxy devices in your HTTP request chain.

Resources

Readme

License

MIT license
Activity

Stars

16 stars

Watchers

3 watching

Forks

4 forks
Report repository

Releases

2 tags

Packages

No packages published

Languages