Suhosin and Server Info strange goings on..

[dgent]

Ive got a problem with the who's online list showing identical IPs for every customer, which Ive read on here can be related to a server running Suhosin, which the one Im on uses...

My webhosting company have said they have turned it off for my website, but every time I look at ServerInfo in admin, it says its still running with full options..

If I run phpinfo(0) from the root of my website, ie outside of Zencart admin, Suhosin does not show up at all as active or installed

But if I move the phpinfo(0) file into the admin directory, and run it from there, it says Suhosin is running with full options again...

How is this?

And which is correct?

[dgent]

I have this issue since being moved to a new server, and the host really can't seem to find the problem. If I do an IP check from outside of Zencart, its correct, but If I use the whos online inside the admin, or view my IP on the index page, its always the same as the IP of the domain.

Where does Zencart get its user IP address info from? And what could be masking it?

[DrByte]

Where does Zencart get its user IP address info from? And what could be masking it?

It gets it from PHP via $_SERVER['REMOTE_ADDR'], which gets it from Apache, which supplies the info based on the Apache configuration of the server, which is under the control of your hosting company's server administrator.

[dgent]

Hi Dr Byte

Do you have an experience in this kind of thing?. My host hasnt got a clue why this is happening, and has totally removed Suhosin from their server now and still the same identical IP's in who's online, and on the index page.

Do you have any idea regarding servers and Zencart how this could be happening. Once again, If I run an visitor IP check from outside Zencart it reads correctly.

[DrByte]

I have this issue since being moved to a new server

Same hosting company? or is did your "new server" also come with a new administrator?
Certainly does point the problem specifically at the new server and/or the network in which it resides.

its always the same as the IP of the domain.

Again, that's the Apache configuration returning the result.
Has the hosting company set up some IP masking or proxying etc in their firewall?

If I run an visitor IP check

Please explain.

[dgent]

Same hosting company? or is did your "new server" also come with a new administrator?
Certainly does point the problem specifically at the new server and/or the network in which it resides.

Again, that's the Apache configuration returning the result.
Has the hosting company set up some IP masking or proxying etc in their firewall?
Please explain.

New server is with the same hosting company, same admins.

Ill look into the IP masking, but then it works with any program that shows the IP address outside of Zencart. I found a php script that allows me to show the visitor IP..

http://www.chameleondirect.co.uk/ip2.php

This shows the correct IP address, but if you run who's online from inside Zencart, all the IP's are the same - So even though it is a server issue, its still Zen/Server related..

Edit - that script retrieves the IP via javascript, if you try and retrieve it via PHP it comes back always with the server address.

http://www.chameleondirect.co.uk/ip.php

[DrByte]

Edit - that script retrieves the IP via javascript, if you try and retrieve it via PHP it comes back always with the server address.

Right, so, that just confirms again that the problem is with your server configuration.
The javascript runs client-side, in the visitor's browser. Completely unnecessary if the server is configured properly.

Once again it confirms that the configuration of your new server is preventing PHP from receiving valid IP information about the visitor. Something is telling Apache and/or PHP the wrong data, or masking it because of some overaggressive security setting.

[BlindSide]

Edit - that script retrieves the IP via javascript, if you try and retrieve it via PHP it comes back always with the server address

When that happens, it could indicate that Apache is running your site in CGI mode. Combined with PHP Suhosin, and your host is trying very hard to keep things very secure. Perhaps too hard.

I find the fact that your host can't solve this issue disconcerting. Were I admin'ing your server, the test cases and example pages you provided would likely be enough to identify and correct the issue. The best solution may be to avoid the problem: get a new host.

[dgent]

When that happens, it could indicate that Apache is running your site in CGI mode. Combined with PHP Suhosin, and your host is trying very hard to keep things very secure. Perhaps too hard.

I find the fact that your host can't solve this issue disconcerting. Were I admin'ing your server, the test cases and example pages you provided would likely be enough to identify and correct the issue. The best solution may be to avoid the problem: get a new host.

Sure, can you point me to a host that has no problems with anything whatsoever please...

It is their eccomerce server, and yes Apache is running as CGI. Would this always cause this issue then?

[BlindSide]

[Edit]

Another possibility would be running your site through a proxy, which complicates things even further. Again, this is all on your host to solve.