Postbacks causing problems


#1

My Credit Card processor did maintenance on their software & servers (Zombaio), and since then some members to my site have what Zombaio call excessive Postbacks. I see this as an increase in their I.P. addresses, although benign but this is causing my security software problems as it only allows 3 different I.P.'s before suspending the user.

I have increased this but I’m not sure if it is CloudFlare that is causing this, or something I should be doing.

Does anyone have any advise please ?


#2

Is there any more information about what is wrong? The problem seems kind of vague.
When requests come from cloudflare to your origin server the requests from your users are being proxied through cloudflare’s servers. I don’t think there is any guarantee that requests from the same user will be proxied through the same cloudflare server so your origin server might see multiple IP’s per user/session.
Cloudflare gives you the user’s actual IP in two http headers. You might need to configure your server’s software to look at the headers for the user’s real IP instead of letting it assume it’s whatever is directly connecting to your server. There are a bunch of help articles about “restoring” the user’s IP here for different pieces of software.
The headers are CF-Connecting-IP and X-Forwarded-For. The former is cloudflare specific and the latter needs to be parsed and has security implications. They are documented here:


If you use X-Forwarded-For then it might not be safe to just take the last value and assume it belongs to the user because a malicious user can add as many values as they want to it. It is really common for proxies to use that header though so if this is something you need to do your software might already have a way to configure its use.


#3

Many thanks for the reply, and will have a look at those links.

I do apologise for being vague but I’m not tech savvy with Apache servers.


#4

This topic was automatically closed after 14 days. New replies are no longer allowed.