[BUG] BunkerWeb bans CDN IP instead of real client IP

[hesamgholami]

What happened?

I want to block clients based on bad behavior using their real IP addresses. I enabled USE_REAL_IP in BunkerWeb and configured the real IP header to use the X-Forwarded-For value. However, BunkerWeb still bans the IP address of the CDN instead of the actual client's IP.

I checked the requests coming from the CDN, and I can confirm that the real client IP is present in the X-Forwarded-For header.

How to reproduce?

1. Deploy BunkerWeb behind a CDN.

2. Enable USE_REAL_IP in the BunkerWeb configuration.

3. Set the real IP source to X-Forwarded-For.

4. Trigger a ban condition (e.g., repeated failed requests).

5. Observe that the banned IP is the CDN's IP, not the client's IP.

Configuration file(s) (yaml or .env)

Relevant log output

BunkerWeb version

1.5.9

What integration are you using?

Linux

Linux distribution (if applicable)

Debian 12

Removed private data

• I have removed all private data from the configuration file and the logs

Code of Conduct

• I agree to follow this project's Code of Conduct

[TheophileDiot]

Hi @hesamgholami, thanks for opening this issue! It looks like the problem might be related to your real IP configuration. Let us know if you need help checking or updating it.
https://docs.bunkerweb.io/1.5/quickstart-guide/#behind-load-balancer-or-reverse-proxy