Skip to content

Authorize.net Direct post showing x_client_ip 127.0.0.1 with Varnish cache #14602

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
treii28 opened this issue Apr 9, 2018 · 3 comments
Closed

Authorize.net Direct post showing x_client_ip 127.0.0.1 with Varnish cache #14602

treii28 opened this issue Apr 9, 2018 · 3 comments
Labels
Component: Authorizenet Component: Framework/Cache Issue: Clear Description Gate 2 Passed. Manual verification of the issue description passed Issue: Confirmed Gate 3 Passed. Manual verification of the issue completed. Issue is confirmed Issue: Format is valid Gate 1 Passed. Automatic verification of issue format passed Issue: Ready for Work Gate 4. Acknowledged. Issue is added to backlog and ready for development Reproduced on 2.2.x The issue has been reproduced on latest 2.2 release Reproduced on 2.3.x The issue has been reproduced on latest 2.3 release

Comments

@treii28
Copy link

treii28 commented Apr 9, 2018

On a magento 2 server configured as recommended in the Magento website documentation behind a Varnish->nginx cache using the default.vcl spit out of Magento, when I try to run a payment through authorize.net, it sends x_client_ip as 127.0.0.1

Preconditions

Magento v2.2.2
apache2 v2.4.18
varnishd v4.1.1
nginx v1.10.3
php7.0

Steps to reproduce

Generated a live payment request using the direct post support in Magento2 for Authorize.net. Checked the content in the browser's Network inspect window for transact.dll (at authorize)

Expected result

Presumably it reads the HTTP server variable REMOTE_ADDR
I'm guessing it might need to read the value of X-Forwarded-For when it exists because the server is running behind a cache.

Actual result

in the Network tab of the browser for transact.dll, I can see in the outgoing parameters x_client_ip is 127.0.0.1
@magento-engcom-team magento-engcom-team added the Issue: Format is valid Gate 1 Passed. Automatic verification of issue format passed label Apr 9, 2018
@treii28
Copy link
Author

treii28 commented Apr 9, 2018
edited
Loading

This may be related to #7227 but is more specific to the direct post. Currently, Authorize.net is not sending back a relay response (no record of the incoming POST in any of the server logs) but Authorize is reporting a timeout waiting for a response. I'm trying to track down anything on our end that might cause that when I noticed the localhost IP in the outgoing data. (my worry is they may not be sending back the response due to the reported client_ip looking suspicious)

Addendum: this turned out not to be the reason authorize.net was not responding, but it would still be nice to have the correct information displayed for logging purposes since that information (including the client ip) is relayed back from authorize.net to be logged locally.
I confirmed the forwarded-for headers are properly being passed through by both nginx on the front end and by varnish by modifying the apache log to show [forwarded addresses] remote_addr at the start of each entry which shows exactly what I would expect.

@engcom-backlog-nickolas engcom-backlog-nickolas added Issue: Ready for Work Gate 4. Acknowledged. Issue is added to backlog and ready for development Issue: Clear Description Gate 2 Passed. Manual verification of the issue description passed Issue: Confirmed Gate 3 Passed. Manual verification of the issue completed. Issue is confirmed Reproduced on 2.2.x The issue has been reproduced on latest 2.2 release Reproduced on 2.3.x The issue has been reproduced on latest 2.3 release Component: Authorizenet Component: Framework/Cache labels Aug 16, 2018
@engcom-backlog-nickolas
Copy link

Hello @treii28, thank you for your report.
We've acknowledged the issue and added to our backlog.

@engcom-backlog-nickolas engcom-backlog-nickolas removed their assignment Aug 16, 2018
@magento-engcom-team
Copy link
Contributor

@treii28, thank you for your report.

Unfortunately, we are archiving this ticket now as it did not get much attention from both Magento Community and Core developers for an extended period. This is done in an effort to create a quality, community-driven backlog which will allow us to allocate the required attention more easily.

Please feel free to comment, reopen or create new ticket according to the Issue reporting guidelines
if you are still facing this issue on the latest 2.3-develop branch. Thank you for collaboration.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
Component: Authorizenet Component: Framework/Cache Issue: Clear Description Gate 2 Passed. Manual verification of the issue description passed Issue: Confirmed Gate 3 Passed. Manual verification of the issue completed. Issue is confirmed Issue: Format is valid Gate 1 Passed. Automatic verification of issue format passed Issue: Ready for Work Gate 4. Acknowledged. Issue is added to backlog and ready for development Reproduced on 2.2.x The issue has been reproduced on latest 2.2 release Reproduced on 2.3.x The issue has been reproduced on latest 2.3 release
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@treii28 @magento-engcom-team @engcom-backlog-nickolas