Cloudflare Rails
fix request.ip and request.remote_ip in rails when using cloudflare
Overview
The CloudflareRails gem simplifies the integration of Cloudflare with Ruby on Rails applications, making it easy to handle real user IP addresses while maintaining security against potential spoofing attacks. This gem ensures that both request.remote_ip and request.ip provide the correct IP addresses. It adds a valuable method, #cloudflare?, directly to the Rack::Request, enhancing the functionality for Rails developers who are working with Cloudflare's infrastructure.
Configuring Rails to work properly with Cloudflare can be tricky, especially when it comes to identifying authentic IP addresses of incoming requests. This gem addresses these challenges dynamically, ensuring that applications can rely on accurate IP information while mitigating potential security risks.
Features
-
Correct IP Handling: Ensures
request.remote_ipandrequest.ipreturn legitimate user IPs by stabilizing integration with Cloudflare. -
Compatibility with Rails Versions: Supports activesupport, railties, and actionpack from version 7.2 and older versions with specific compatibility gems.
-
Security Enhancements: Mitigates spoofing attacks by verifying incoming request IPs against Cloudflare's recognized address ranges.
-
Easy Installation: Simplifies setup by allowing developers to add a single line to their Gemfile to initiate usage.
-
Custom Proxy Settings: Provides additional configuration for Kamal deployments to ensure that SSL header forwarding works seamlessly with Cloudflare.
-
Caching Mechanism: Efficiently fetches and caches Cloudflare's current IPv4 and IPv6 lists to keep the application aligned with valid proxy addresses.
-
Extended Middleware Functionality: Patches Rack::Request::Helpers and ActionDispatch::RemoteIP for enhanced IP address trustworthiness.
-
User-Friendly Method: Introduces the
#cloudflare?method to easily identify if the request is coming through Cloudflare.