Remove use of headers that can be used to bypass anti-brute force controls

This commit is contained in:
Rob 2019-10-05 18:21:28 +01:00
parent da94b43e84
commit b5afd44195
No known key found for this signature in database
GPG Key ID: 98E7DDAFB8256D96

View File

@ -107,13 +107,6 @@ class Security extends dbJSON
public function getUserIp()
{
if (getenv('HTTP_X_FORWARDED_FOR')) {
$ip = getenv('HTTP_X_FORWARDED_FOR');
} elseif (getenv('HTTP_CLIENT_IP')) {
$ip = getenv('HTTP_CLIENT_IP');
} else {
$ip = getenv('REMOTE_ADDR');
}
return $ip;
return getenv('REMOTE_ADDR');
}
}