#11938 closed defect (bug) (wontfix)
Akismet doesn't take the HTTP_X_FORWARDED_HOST into account, sees all comments as spam
Reported by: | husky | Owned by: | |
---|---|---|---|
Milestone: | Priority: | normal | |
Severity: | normal | Version: | 2.9.1 |
Component: | General | Keywords: | close has-patch |
Focuses: | Cc: |
Description
On some installations, requests are forwarded to separate 'PHP workers' and the original REMOTE_ADDR key in the $_SERVER superglobal might be changed to the forwarders IP instead of the original commenter. This means that all requests have the same REMOTE_ADDR when send to the Akismet servers and therefore are all seen as spam.
The forwarding servers add an extra header to the HTTP request called 'HTTP_X_FORWARDED_HOST' that contains the original IP.
I've attached a patch that uses this address if it's available, else it does take the normal 'REMOTE_ADDR' key into account.
Attachments (1)
Change History (5)
Note: See
TracTickets for help on using
tickets.
This should be reported on the Akismet site.