function cloudflare_init()
{
global $is_cf;
$is_cf = isset($_SERVER["HTTP_CF_CONNECTING_IP"]) ? TRUE : FALSE;
// only run this logic if the REMOTE_ADDR is populated, to avoid causing notices in CLI mode
if (isset($_SERVER["REMOTE_ADDR"])) {
if (strpos($_SERVER["REMOTE_ADDR"], ":") === FALSE) {
$cf_ip_ranges = array("199.27.128.0/21", "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22", "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20", "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/12", "172.64.0.0/13");
// IPV4: Update the REMOTE_ADDR value if the current REMOTE_ADDR value is in the specified range.
foreach ($cf_ip_ranges as $range) {
if (ipv4_in_range($_SERVER["REMOTE_ADDR"], $range)) {
if ($_SERVER["HTTP_CF_CONNECTING_IP"]) {
$_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
break;
}
}
} else {
$cf_ip_ranges = array("2400:cb00::/32", "2606:4700::/32", "2803:f800::/32", "2405:b500::/32", "2405:8100::/32");
$ipv6 = get_ipv6_full($_SERVER["REMOTE_ADDR"]);
foreach ($cf_ip_ranges as $range) {
if (ipv6_in_range($ipv6, $range)) {
if ($_SERVER["HTTP_CF_CONNECTING_IP"]) {
$_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
break;
}
}
}
}
add_action('admin_menu', 'cloudflare_config_page');
}
function __rocket_set_real_ip_cloudflare()
{
global $is_cf;
$is_cf = isset($_SERVER["HTTP_CF_CONNECTING_IP"]) ? TRUE : FALSE;
// only run this logic if the REMOTE_ADDR is populated, to avoid causing notices in CLI mode
if (isset($_SERVER["REMOTE_ADDR"])) {
if (strpos($_SERVER["REMOTE_ADDR"], ":") === FALSE) {
$cf_ip_ranges = array("199.27.128.0/21", "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22", "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20", "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/12");
// IPV4: Update the REMOTE_ADDR value if the current REMOTE_ADDR value is in the specified range.
foreach ($cf_ip_ranges as $range) {
if (ipv4_in_range($_SERVER["REMOTE_ADDR"], $range)) {
if ($_SERVER["HTTP_CF_CONNECTING_IP"]) {
$_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
break;
}
}
} else {
$cf_ip_ranges = array("2400:cb00::/32", "2606:4700::/32", "2803:f800::/32", "2405:b500::/32", "2405:8100::/32");
$ipv6 = get_ipv6_full($_SERVER["REMOTE_ADDR"]);
foreach ($cf_ip_ranges as $range) {
if (ipv6_in_range($ipv6, $range)) {
if ($_SERVER["HTTP_CF_CONNECTING_IP"]) {
$_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
break;
}
}
}
}
// Let people know that the CF WP plugin is turned on.
if (!headers_sent()) {
header("X-CF-Powered-By: WP Rocket " . WP_ROCKET_VERSION);
}
}
function fix_cf_ip()
{
if (!isset($_SERVER['HTTP_CF_CONNECTING_IP'])) {
return;
}
if (strpos($_SERVER['REMOTE_ADDR'], ':') === FALSE) {
$cf_ip_ranges = array("204.93.240.0/24", "204.93.177.0/24", "199.27.128.0/21", "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22", "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20", "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15");
foreach ($cf_ip_ranges as $range) {
if (ipv4_in_range($_SERVER['REMOTE_ADDR'], $range)) {
$_SERVER['REMOTE_ADDR_CF'] = $_SERVER['REMOTE_ADDR'];
$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
break;
}
}
} else {
$cf_ip_ranges = array("2400:cb00::/32", "2606:4700::/32", "2803:f800::/32", "2405:b500::/32", "2405:8100::/32");
$ipv6 = get_ipv6_full($_SERVER['REMOTE_ADDR']);
foreach ($cf_ip_ranges as $range) {
if (ipv6_in_range($ipv6, $range)) {
$_SERVER['REMOTE_ADDR_CF'] = $_SERVER['REMOTE_ADDR'];
$_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_CF_CONNECTING_IP'];
break;
}
}
}
}
function cloudflare_init()
{
global $is_cf;
$is_cf = isset($_SERVER["HTTP_CF_CONNECTING_IP"]) ? TRUE : FALSE;
// Only run this logic if the REMOTE_ADDR is populated, to avoid causing notices in CLI mode
if (isset($_SERVER["REMOTE_ADDR"])) {
if (FALSE === strpos($_SERVER["REMOTE_ADDR"], ":")) {
// @FIXME daily download to a transient: https://www.cloudflare.com/ips-v4
$cf_ip_ranges = array("199.27.128.0/21", "173.245.48.0/20", "103.21.244.0/22", "103.22.200.0/22", "103.31.4.0/22", "141.101.64.0/18", "108.162.192.0/18", "190.93.240.0/20", "188.114.96.0/20", "197.234.240.0/22", "198.41.128.0/17", "162.158.0.0/15", "104.16.0.0/12", "172.64.0.0/13");
// IPV4: Update the REMOTE_ADDR value if the current REMOTE_ADDR value is in the specified range.
foreach ($cf_ip_ranges as $range) {
if (ipv4_in_range($_SERVER["REMOTE_ADDR"], $range)) {
if ($_SERVER["HTTP_CF_CONNECTING_IP"]) {
$_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
break;
}
}
} else {
// @FIXME daily download to a transient: https://www.cloudflare.com/ips-v6
$cf_ip_ranges = array("2400:cb00::/32", "2606:4700::/32", "2803:f800::/32", "2405:b500::/32", "2405:8100::/32");
$ipv6 = get_ipv6_full($_SERVER["REMOTE_ADDR"]);
foreach ($cf_ip_ranges as $range) {
if (ipv6_in_range($ipv6, $range)) {
if ($_SERVER["HTTP_CF_CONNECTING_IP"]) {
$_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
break;
}
}
}
}
// Let people know that the CF WP plugin is turned on.
if (!headers_sent()) {
header("X-CF-Powered-By: WP " . CLOUDFLARE_VERSION);
}
add_action('admin_menu', 'cloudflare_config_page');
}
function cloudflare_init()
{
global $cf_api_host, $cf_api_port, $is_cf;
$cf_api_host = "ssl://www.cloudflare.com";
$cf_api_port = 443;
$is_cf = $_SERVER["HTTP_CF_CONNECTING_IP"] ? TRUE : FALSE;
if (strpos($_SERVER["REMOTE_ADDR"], ":") === FALSE) {
$cf_ip_ranges = array("204.93.240.0/24", "204.93.177.0/24", "199.27.128.0/21", "173.245.48.0/20", "103.22.200.0/22", "141.101.64.0/18", "108.162.192.0/18", "190.93.240.1/20");
// IPV4: Update the REMOTE_ADDR value if the current REMOTE_ADDR value is in the specified range.
foreach ($cf_ip_ranges as $range) {
if (ipv4_in_range($_SERVER["REMOTE_ADDR"], $range)) {
if ($_SERVER["HTTP_CF_CONNECTING_IP"]) {
$_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
break;
}
}
} else {
$cf_ip_ranges = array("2400:cb00::/32", "2606:4700::/32", "2803:f800::/32");
$ipv6 = get_ipv6_full($_SERVER["REMOTE_ADDR"]);
foreach ($cf_ip_ranges as $range) {
if (ipv6_in_range($ipv6, $range)) {
if ($_SERVER["HTTP_CF_CONNECTING_IP"]) {
$_SERVER["REMOTE_ADDR"] = $_SERVER["HTTP_CF_CONNECTING_IP"];
}
break;
}
}
}
// Let people know that the CF WP plugin is turned on.
if (!headers_sent()) {
header("X-CF-Powered-By: WP " . CLOUDFLARE_VERSION);
}
add_action('admin_menu', 'cloudflare_config_page');
cloudflare_admin_warnings();
}
private function checkSecondaryLists($ip_address)
{
if (!$this->config->get('enable_range_search')) {
return false;
}
foreach ($this->dataRepository->firewall->all() as $range) {
if (IpAddress::ipV4Valid($range['ip_address']) && ipv4_in_range($ip_address, $range['ip_address'])) {
return $range;
}
}
return false;
}
function ipv4_in_range($ip, $range)
{
if (is_array($range)) {
foreach ($range as $iprange) {
if (ipv4_in_range($ip, $iprange)) {
return true;
}
}
return false;
}
// Wildcarded range
// 192.168.1.*
if (!str_contains($range, '-') && str_contains($range, '*')) {
$range = str_replace('*', '0', $range) . '-' . str_replace('*', '255', $range);
}
// Dashed range
// 192.168.1.1-192.168.1.100
// 0.0.0.0-255.255.255.255
if (count($twoIps = explode('-', $range)) == 2) {
$ip1 = ip2long($twoIps[0]);
$ip2 = ip2long($twoIps[1]);
return ip2long($ip) >= $ip1 && ip2long($ip) <= $ip2;
}
if (count($twoIps = explode('-', $range)) == 2) {
$ip1 = ip2long($twoIps[0]);
$ip2 = ip2long($twoIps[1]);
return ip2long($ip) >= $ip1 && ip2long($ip) <= $ip2;
}
// Masked range or fixed IP
// 192.168.17.1/16 or
// 127.0.0.1/255.255.255.255 or
// 10.0.0.1
return ipv4_match_mask($ip, $range);
}
private function isTrackableIp()
{
return !ipv4_in_range($this->request->getClientIp(), $this->config->get('do_not_track_ips'));
}
public function ipV4InRange($ip, $range)
{
return ipv4_in_range($ip, $range);
}
