外掛標籤
開發者團隊
原文外掛簡介
Gryphon Verified Client IP determines the client IP by walking the forwarding chain, only trusting addresses
that match your configured proxy networks (by CIDR range). It stops at the first untrusted hop, which is the
true client IP. The resolved address replaces REMOTE_ADDR early in the WordPress lifecycle, allowing other Plugins
to use it.
The component is secure by default and only trusted proxies are traversed; spoofed headers are ignored. Both
IPv4 and IPv6 are fully supported, including protocol translation.
Multiple header formats are supported including standard RFC 7239 Forwarded, common X-Forwarded-For,
Cloudflare CF-Connecting-IP, or any custom header.
The component includes a diagnostics panel that can be enabled to recording incoming requests with
full header dumps and algorithm step traces for debugging.
For more detail see the Github project site
Gryphon WordPress Verified Client IP
Compatibility Note
If your server uses Apache mod_remoteip or nginx set_real_ip_from, those modules will
pre-resolve REMOTE_ADDR from forwarding headers before PHP runs. Disable the web server module and
let this plugin handle IP resolution instead, or let it pre-resolve and use this plugin for any
additional proxies not covered by the engine.
