Anyone familiar with setting up Hestiacp with Oracle Cloud?

dotasense · August 10, 2024, 6:34pm

I have completed the HestiaCP setup with Oracle Cloud (ARM cloud) by following the tutorial from this video: https://www.youtube.com/watch?v=Hz58Zkke4VE&list=PLSk3zfDlC1f_Up6GBgckMIqLdS_HRjdEy

I have also finished opening ports with iptables, ingress and others for HestiaCP. The installation of HestiaCP was successful and after that I installed wordpress and ran the blog. It is accessible to the public. What is the problem, every comment I get from the Wordpress blog shows that it comes from the private ip server that I set which is 10.0.0.10. (Picture attached)

ss-wp-comment-private-ip

My question is, what makes it like that, is there something wrong with the network configuration in Oracle Cloud? Hope someone can help me.

Maxi · August 12, 2024, 6:44pm

I also noticed that on an Oracle Cloud server I have, the problem is not Oracle or the network configuration, it is the Nginx Reverse Proxy, in the Nginx configuration you must use the "X-Forwarded-For" header, in my case it was there by default but it still didn’t show the correct IP in Wordpress, the solution is to edit the wp-config.php file and add the following code:

if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) {
    $xffaddrs = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']);
    $_SERVER['REMOTE_ADDR'] = $xffaddrs[0];
}

dotasense · August 12, 2024, 10:23pm

So “HTTP_X_FORWARDED_FOR” variable header is used to forward client ip? How about the other cms or website? What is the proper way to add this “HTTP_X_FORWARDED_FOR” to nginx config for other cms/webpage?

Maxi · August 12, 2024, 11:02pm

I only noticed the problem with Wordpress, I don’t know if the same thing happens in another CMS, on sites with own development it seems not.

dotasense · August 16, 2024, 5:36am

I installed HestiaCP using the default installation which includes nginx + apache. The above problem occurs when I use default.tpl with manual Wordpress Installation.

What I did was going to /usr/local/hestia/data/templates/web/nginx/php-fpm/ folder. Copy wordpress.tpl and wordpress.stpl to the folder /usr/local/hestia/data/templates/web/nginx/.

Change %web_port% to %proxy_port% in wordpress.tpl and change %web_ssl_port% to %proxy_ssl_port% in wordpress.stpl. Then use wordpress proxy template and the new commenter’s ip no longer shows it is coming from private ip.

I’m not sure it’s the right way. But for now it works fine.

Maxi · August 20, 2024, 12:24am

Good solution, it looks correct.

Maxi · November 24, 2024, 10:51pm

Hi, I had this problem now and I remembered this topic, I found another solution and I share it in case someone has this problem.

Check that the file /etc/apache2/mods-enabled/remoteip.conf has the following configuration:

<IfModule mod_remoteip.c>
  RemoteIPHeader X-Real-IP
  RemoteIPInternalProxy 127.0.0.1
  RemoteIPInternalProxy 10.0.x.x    # Your server's private IP
  RemoteIPInternalProxy 68.178.x.x  # Your server's public IP
</IfModule>

On one of my servers the private IP line of the server was not there, when adding it and saving it you have to run sudo systemctl restart apache2 and that’s it.

It doesn’t only work for wordpress but in general.

dotasense · March 8, 2025, 6:35pm

Thanks for sharing your method.