After upgrading my phpBB board to 3.3, I tested out doing a guest post and I receive an error message that my IP address was blocked by Spamhaus. The problem was that the IP address listed was not my IP address. For whatever reason, it was pulling up an IP address that I am pretty sure was a Cloudflare IP address.
Doing a search found a few people with similar problems, but I didn’t find the solution that worked for me (hosting a VPS with Vultr and a Cyberpanel image) – it would be the same if you were at DigitalOcean or Linode, as the issue is with cloudflare and litespeed webserver.
The problem is that phpBB uses the REMOTE_ADDR information for comparing with Spamhaus. The thread I linked above does have a potential solution, but it involves changing the phpBB code:
OPEN ROOT/phpbb/session.php (line 293 approx.)
FIND
$ip = htmlspecialchars_decode($request->server('REMOTE_ADDR'));
REPLACE WITH
$ip = (htmlspecialchars_decode($request->server('HTTP_X_FORWARDED_FOR') != '')
? htmlspecialchars_decode($request->server('HTTP_X_FORWARDED_FOR'))
: htmlspecialchars_decode($request->server('SERVER_ADDR'))
);
And re-enable Spamhaus. And see what happens.
I did not try that, as I’d rather find a solution that does not involve changing the code. I eventually found the solution with this thread explaining how to show the real visitor’s IP address instead of a cloudflare IP address.
It involved logging into to the litespeed control panel directly, which I hadn’t done yet. Instead of going to the domain:8090 for the cyberpanel control panel, you go to domain:7080 and use the same username/password as for cyberpanel.
Within litespeed control panel, you change the “Use Client IP in Header” setting to “Keep Header from Trusted IP”
The original instructions I found also had me add Cloudflare’s IP addresses to the “allowed list” under “Security” and “Access Control”, but the most current instructions say that litespeed automatically includes Cloudflare IP’s in the allowed list now.
I was all excited I had figured it out, only to have it make zero difference. I missed one important step – restarting the litespeed server!! Once I restarted the litespeed server, it worked exactly as it is supposed to do.
Hope this helps someone else get to the solution more quickly.