Project

remote_ip_proxy_scrubber

0.01
No commit activity in last 3 years
No release in over 3 years
remote_ip_proxy_scrubbermetavida/remote_ip_proxy_scrubberHomepageDocumentationSource CodeBug TrackerWiki
Make it as easy as possible to prevent Rails from logging IP addresses that belong to proxy devices in your HTTP request chain.
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Popularity
Downloads
156,356
Stars
16
Forks
4
Watchers
3
 Releases
Current version
0.1.1
Total releases
2
First release
2015-03-20
Latest release
2015-03-20
 Issues
Open Issues
0
Closed Issues
2
Total Issues
2
Issue Closure Rate
100%
 Pull Requests
Open Pull Requests
1
Closed Pull Requests
0
Merged Pull Requests
1
Pull Request Acceptance Rate
50%
 Development
Primary Language
Ruby
Licenses
MIT
Average date of last 50 commits
2015-03-24
Reverse Dependencies
0

 Dependencies

Development

rake
>= 0
rspec
~> 3.0
 Project Readme

Gem Version Build Status Code Climate Test Coverage

remote_ip Proxy Scrubber

A project that makes it as easy as possible to prevent Rails from logging IP addresses that belong to proxy devices in your HTTP request chain.

Because Rails has pretty dramatically changed how these sorts of IPs are filtered over the years, this project's ultimate goal is to make life easy on as many Rails versions as possible.

Common Use-cases

Usage

Let's say you've got proxy servers running outside of the local network where your Rails/Rack app is running. In this example, we'll say the IP addresses of these proxy servers are in these IP ranges: 17.0.0.4/30, 17.17.0.8/30

Install the gem

Add the following line to your application's Gemfile:

gem 'remote_ip_proxy_scrubber'

Then run bundle install to install the gem.

Rails: Fixing request.remote_ip

Without this gem, calls to request.remote_ip from your Rails app will return the IP addresses from your proxy servers. Adding the code, below, ensures that request.remote_ip will never return the IP addresses of your proxy servers, and assuming the servers that first process requests from your clients is adding an appropriate X-Forwarded-For header, request.remote_ip will return the real IP address of your clients!

# Add the following to config/application.rb or conifg/environments/*.rb

config.middleware.insert_before(Rails::Rack::Logger, RemoteIpProxyScrubber.filter_middleware, [
  "17.0.0.4/30",
  "17.17.0.8/30",
])

Rails: Fixing logs

Oddly enough, even with request.remote_ip returning the correct value, Rails log will still contain IP addresses from your proxy servers. To fix this, you'll need to tell Rails to use a different logger.

# Add the following to config/application.rb or conifg/environments/*.rb

config.middleware.insert_before(Rails::Rack::Logger, RemoteIpProxyScrubber.patched_logger)
config.middleware.delete(Rails::Rack::Logger)

Other Rack Apps: Fixing request.ip

So long as you're using Rack, you can benefit from this gem! Just add the following near the top of your config.ru file:

use RemoteIpProxyScrubber.filter_middleware, [
  "17.0.0.4/30",
  "17.17.0.8/30",
]

Questions? Contributions?

If this gem isn't working for you, feel free to open up an Issue, or a Pull Request if you've got a proposed solution! I maintain this project in my spare time, so your patience is appreciated.

Credit

Thanks to Haiku Learning for sponsoring the initial development of this gem. We're scratching our own itch, but hopefully it's helpful for you too!