The current implementation relies on user to configure the set of trusted proxy_host_headers and proxy_client_headers, and takes the last IP in a list.
Where there are multiple proxy server IPs, these IPs should be skipped, if any appear in the header.
Note: this isn't a typical use case, but is a feature that I've seen elsewhere (eg Drupal).
Should support CIDR notation (previously suggested for SitesManager in #1775).
For example, CloudFlare's IP range is:
This ticket will also handle the use case described in #2077 of filtering out private and reserved IP addresses, e.g.,
(In [4533]) fixes #1111 - add support for IPv6 addresses (tracking, anonymization, and exclusion)
fixes #2095 - add new anonymization hook (pre-heuristics)
fixes #2055 - optional IP filter when multiple proxies present
fixes #1775 - SitesManager: supports CIDR notation for IP exclusion
Notes:
select inet_ntoa(conv(hex(location_ip), 16, 10)) from piwik_log_visit;
The filter fails on IPv6 addresses because the IPv6 address in HTTP-X-Forwarded-Host is in square brackets.
The filter also fails on domain names because the filter assumes the list only contains IP addresses. (Regression)
(In [4539]) refs #2055 - add unit tests
(In [4540]) fixes #2055