Skip to content

Commit

Permalink
Update README with new order of IP checks
Browse files Browse the repository at this point in the history
  • Loading branch information
pbojinov committed Oct 29, 2018
1 parent ebe9280 commit cc853f5
Show file tree
Hide file tree
Showing 3 changed files with 21 additions and 16 deletions.
22 changes: 12 additions & 10 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -50,19 +50,20 @@ The connect-middleware also supports retrieving the ip address under a custom at

It looks for specific headers in the request and falls back to some defaults if they do not exist.

The following is the order we use to determine the user ip from the request.
The user ip is determined by the following order:

1. `X-Client-IP`
2. `X-Forwarded-For` (Header may return multiple IP addresses in the format: "client IP, proxy 1 IP, proxy 2 IP", so we take the the first one.)
3. `CF-Connecting-IP` (Cloudflare)
4. `True-Client-Ip` (Akamai and Cloudflare)
5. `X-Real-IP` (Nginx proxy/FastCGI)
6. `X-Cluster-Client-IP` (Rackspace LB, Riverbed Stingray)
7. `X-Forwarded`, `Forwarded-For` and `Forwarded` (Variations of #2)
8. `req.connection.remoteAddress`
9. `req.socket.remoteAddress`
10. `req.connection.socket.remoteAddress`
11. `req.info.remoteAddress`
4. `Fastly-Client-Ip` (Fastly CDN and Firebase hosting header when forwared to a cloud function)
5. `True-Client-Ip` (Akamai and Cloudflare)
6. `X-Real-IP` (Nginx proxy/FastCGI)
7. `X-Cluster-Client-IP` (Rackspace LB, Riverbed Stingray)
8. `X-Forwarded`, `Forwarded-For` and `Forwarded` (Variations of #2)
9. `req.connection.remoteAddress`
10. `req.socket.remoteAddress`
11. `req.connection.socket.remoteAddress`
12. `req.info.remoteAddress`

If an IP address cannot be found, it will return `null`.

Expand Down Expand Up @@ -96,7 +97,8 @@ To easily generate a new changelog, install [github-changelog-generator](https:/
* Thanks to [@osherx](https://github.com/osherx) for adding the connect-middleware.
* Thanks to [@raunc](https://github.com/raunc) for adding Squid proxy support.
* Thanks to [@fluxsauce](https://github.com/fluxsauce) for adding `CF-Connecting-IP`, `True-Client-IP`, and ES6 support.
* Thanks to [@vishalvijay](https://github.com/vishalvijay) for adding Fastly/Firebase hosting support.

## License

The MIT License (MIT) - 2017
The MIT License (MIT) - 2018
3 changes: 2 additions & 1 deletion package.json
Original file line number Diff line number Diff line change
Expand Up @@ -13,7 +13,8 @@
"X-Client-IP",
"X-Forwarded-For",
"CF-Connecting-IP",
"True-Client-IP"
"Fastly-Client-IP",
"True-Client-IP",
"X-Real-IP",
"X-Cluster-Client-IP",
"X-Forwarded",
Expand Down
12 changes: 7 additions & 5 deletions src/index.js
Original file line number Diff line number Diff line change
Expand Up @@ -46,18 +46,15 @@ function getClientIpFromXForwardedFor(value) {
* @returns {string} ip - The IP address if known, defaulting to empty string if unknown.
*/
function getClientIp(req) {

// Server is probably behind a proxy.
if (req.headers) {

// Standard headers used by Amazon EC2, Heroku, and others.
if (is.ip(req.headers['x-client-ip'])) {
return req.headers['x-client-ip'];
}

// Firebase hosting header (When forwared to cloud function)
if (is.ip(req.headers['fastly-client-ip'])) {
return req.headers['fastly-client-ip'];
}

// Load-balancers (AWS ELB) or proxies.
const xForwardedFor = getClientIpFromXForwardedFor(req.headers['x-forwarded-for']);
if (is.ip(xForwardedFor)) {
Expand All @@ -71,6 +68,11 @@ function getClientIp(req) {
return req.headers['cf-connecting-ip'];
}

// Fastly and Firebase hosting header (When forwared to cloud function)
if (is.ip(req.headers['fastly-client-ip'])) {
return req.headers['fastly-client-ip'];
}

// Akamai and Cloudflare: True-Client-IP.
if (is.ip(req.headers['true-client-ip'])) {
return req.headers['true-client-ip'];
Expand Down

0 comments on commit cc853f5

Please sign in to comment.