Replies: 0
Hello! I have really enjoyed this plugin and it seems to be working quite well. However, this morning I started getting alerts of a user getting locked out from signing in and while this happens infrequently with our sites, it isn’t entirely unusual. What is unusual is the IP address for all requests is showing up in Live Traffic as the server’s IP address. “How does Wordfence get IPs” is set to the recommended setting (Let Wordfence use the most secure method to get visitor IP addresses. Prevents spoofing and works with most sites.). I manage several websites for this client under the same hosting account at InMotion hosting and they are clones of each other in several ways including Wordfence installation. Only this one site (out of six) is having the issue and it seems to have just started. Going through the live traffic logs, it looks like IPs logging as the server IP started on May 31 (7 days ago).
I was able to start seeing correct IPs by changing the How does Wordfence get IPs option to “Use the X-Real-IP HTTP header.” My other sites are using this method according to the Live Traffic diagnostics information, whereas this one appears to be using REMOTE_ADDR if I leave the default setting in this area.
Is this the correct solution or should I be doing something different? Thanks for a great plugin!