generated from codesandbox/codesandbox-template-nuxt
-
Notifications
You must be signed in to change notification settings - Fork 0
/
IpRewrite.php
134 lines (117 loc) · 3.23 KB
/
IpRewrite.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
<?php
namespace CloudFlare;
class IpRewrite
{
private $is_loaded = false;
private $original_ip = null;
private $rewritten_ip = null;
// Found at https://www.cloudflare.com/ips/
private $cf_ipv4 = array(
'173.245.48.0/20',
'103.21.244.0/22',
'103.22.200.0/22',
'103.31.4.0/22',
'141.101.64.0/18',
'108.162.192.0/18',
'190.93.240.0/20',
'188.114.96.0/20',
'197.234.240.0/22',
'198.41.128.0/17',
'162.158.0.0/15',
'104.16.0.0/12',
'172.64.0.0/13',
'131.0.72.0/22',
);
private $cf_ipv6 = array(
'2400:cb00::/32',
'2405:8100::/32',
'2405:b500::/32',
'2606:4700::/32',
'2803:f800::/32',
'2c0f:f248::/32',
'2a06:98c0::/29'
);
public function __construct()
{
$this->rewrite();
}
/**
* Is a request from CloudFlare?
* @return bool
*/
public function isCloudFlare()
{
if (!isset($_SERVER['HTTP_CF_CONNECTING_IP'])) {
return false;
} else {
// Check if original ip has already been restored, e.g. by nginx - assume it was from cloudflare then
if ($_SERVER['REMOTE_ADDR'] === $_SERVER['HTTP_CF_CONNECTING_IP']) {
return true;
}
}
return $this->isCloudFlareIP();
}
/**
* Check if a request comes from a CloudFlare IP.
* @return bool
*/
public function isCloudFlareIP()
{
// Store original remote address in $original_ip
$this->original_ip = $this->getOriginalIP();
if (!isset($this->original_ip)) {
return false;
}
// Process original_ip if on cloudflare
$ip_ranges = $this->cf_ipv4;
if (IpUtils::isIpv6($this->original_ip)) {
$ip_ranges = $this->cf_ipv6;
}
foreach ($ip_ranges as $range) {
if (IpUtils::checkIp($this->original_ip, $range)) {
return true;
}
}
return false;
}
/**
* Get the original IP Address of a given request.
* @return IP Address or null on error
*/
public function getOriginalIP()
{
// If $original_ip is not set, return the REMOTE_ADDR
if (!isset($this->original_ip)) {
$this->original_ip = $_SERVER['REMOTE_ADDR'];
}
return $this->original_ip;
}
/**
* Gets the re-written IP after rewrite() is run.
* @return IP Address or null on error
*/
public function getRewrittenIP()
{
return $this->rewritten_ip;
}
/**
* Handle the rewriting of CloudFlare IP Addresses to end-user IP Addresses.
* NOTE: This function will ultimately rewrite $_SERVER["REMOTE_ADDR"] if the site is on CloudFlare
* @return bool
* @
*/
public function rewrite()
{
// only should be run once per page load
if ($this->is_loaded) {
return false;
}
$this->is_loaded = true;
$is_cf = $this->isCloudFlare();
if (!$is_cf) {
return false;
}
$this->rewritten_ip = $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
return true;
}
}