Hi, we are testing a bitnami redmine and in some cases we have this kind of error:
Completed 500 Internal Server Error in 16ms
ActionDispatch::RemoteIp::IpSpoofAttackError (IP spoofing attack?!HTTP_CLIENT_IP="1.2.3.4"HTTP_X_FORWARDED_FOR="x.x.x.x, y.y.y.y"):
app/controllers/account_controller.rb:213:in `successful_authentication'
app/controllers/account_controller.rb:167:in `password_authentication'
app/controllers/account_controller.rb:154:in `authenticate_user'
app/controllers/account_controller.rb:30:in `login'
Occur with some of our collegues that works in a specific company that navigate behind a reverse proxy (I suppose)
Investigating we find a possible solution, disabling the check as written here:
http://stackoverflow.com/questions/7887932/turning-off-ip-spoofing-check-in-rails-3-applicationhttp://writeheavy.com/2011/07/31/when-its-ok-to-turn-of-rails-ip-spoof-checking.htmlhttp://pivotallabs.com/standup-4-7-2010-disabling-rails-ip-spoofing-safeguard/Every kind of test doesn't work and the server doesn't start anymore. We remain with services that doesn't start Like this:
Apache Web Server - Running
MySQL Database - Running
Subversion - Running
Thin_redmine - Stopped
Thin_redmine2 - Stopped
We try to edit this files:
adding line
config.action_controller.ip_spoofing_check = false
Result: services doesn't start anymore
D:\\BitNami\\redmine-2.2.3-0\\apps\\redmine\\htdocs\\config\\environment.rb
adding lines
Rails::Initializer.run do |config|
config.action_controller.ip_spoofing_check = false
end
or only
config.action_controller.ip_spoofing_check = false
Result: services doesn't start anymore
Does anyone know witch file we need to update ? There is 16 environment.rb files on server, witch one we need to update ?
Thanks
