Extension:TrustedXFF

From mediawiki.org
MediaWiki extensions manual
TrustedXFF
Release status: stable
Description Handling of trusted proxy addresses (XFF)
Author(s) Tim Starlingtalk
Latest version 2.0.0
MediaWiki >= 1.42
License GNU General Public License 2.0 or later
Download
Example mediawiki.org
Quarterly downloads 6 (Ranked 144th)
Public wikis using 868 (Ranked 275th)
Translate the TrustedXFF extension if it is available at translatewiki.net
Issues Open tasks · Report a bug

The TrustedXFF extension maintains a list of trusted hosts in a file in a PHP array format. For details, see meta:XFF project.

The file can be generated using the generate.php maintenance script.

Installation[edit]

  • Download and move the extracted TrustedXFF folder to your extensions/ directory.
    Developers and code contributors should install the extension from Git instead, using:cd extensions/
    git clone https://gerrit.wikimedia.org/r/mediawiki/extensions/TrustedXFF
  • Add the following code at the bottom of your LocalSettings.php file:
    wfLoadExtension( 'TrustedXFF' );
    
  • Yes Done – Navigate to Special:Version on your wiki to verify that the extension is successfully installed.


Limitations[edit]

  • Useless where X-Forwarded-For is unavailable. As of 2019, many wikis force HTTPS for all things. Any manipulation with headers on a proxy compromises HTTPs server authentication unless the proxy possesses an SSL certificate authoritative for the wiki in question. It makes the extension far less useful nowadays than it was originally envisaged.


See also[edit]