Ensure that if present the HTTP_X_FORWARDED_FOR IP address is used instead of the...

[civicrm-core.git] / CRM / Core / IDS.php

diff --git a/CRM/Core/IDS.php b/CRM/Core/IDS.php
index 4d0d513e2c01548b8b5bd55b6edf06a06e36c27b..02e9730d2d63e907bd8d0b12ef8ee3bd29607738 100644 (file)
--- a/CRM/Core/IDS.php
+++ b/CRM/Core/IDS.php
@@ -247,10 +247,8 @@ class CRM_Core_IDS {
    * @return bool
    */
   private function log($result, $reaction = 0) {
-    $ip = (isset($_SERVER['SERVER_ADDR']) &&
-      $_SERVER['SERVER_ADDR'] != '127.0.0.1') ? $_SERVER['SERVER_ADDR'] : (
-      isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? $_SERVER['HTTP_X_FORWARDED_FOR'] : '127.0.0.1'
-      );
+    // Include X_FORWARD_FOR ip address if set as per IDS patten.
+    $ip = $_SERVER['REMOTE_ADDR'] . (isset($_SERVER['HTTP_X_FORWARDED_FOR']) ? ' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')' : '');
 
     $data = [];
     $session = CRM_Core_Session::singleton();