Hi, we are testing a bitnami redmine and in some cases we have this kind of error:
Completed 500 Internal Server Error in 16ms
ActionDispatch::RemoteIp::IpSpoofAttackError (IP spoofing attack?!HTTP_CLIENT_IP="1.2.3.4"HTTP_X_FORWARDED_FOR="x.x.x.x, y.y.y.y"):
app/controllers/account_controller.rb:213:in successful_authentication'
app/controllers/account_controller.rb:167:inpassword_authentication'
app/controllers/account_controller.rb:154:in authenticate_user'
app/controllers/account_controller.rb:30:inlogin'
Occur with some of our collegues that works in a specific company that navigate behind a reverse proxy (I suppose)
Investigating we find a possible solution, disabling the check as written here: http://stackoverflow.com/questions/7887932/turning-off-ip-spoofing-check-in-rails-3-application or http://writeheavy.com/2011/07/31/when-its-ok-to-turn-of-rails-ip-spoof-checking.html or http://pivotallabs.com/standup-4-7-2010-disabling-rails-ip-spoofing-safeguard/
Every kind of test doesn't work and the server doesn't start anymore. We remain with services that doesn't start Like this: Apache Web Server - Running MySQL Database - Running Subversion - Running Thin_redmine - Stopped Thin_redmine2 - Stopped
We try to edit this files: D:\BitNami\redmine-2.2.3-0\apps\redmine\htdocs\config\additional_environment.rb adding line config.action_controller.ip_spoofing_check = false Result: services doesn't start anymore
D:\BitNami\redmine-2.2.3-0\apps\redmine\htdocs\config\environment.rb adding lines Rails::Initializer.run do |config| config.action_controller.ip_spoofing_check = false end or only config.action_controller.ip_spoofing_check = false Result: services doesn't start anymore
Does anyone know witch file we need to update ? There is 16 environment.rb files on server, witch one we need to update ?
Thanks