Varnish not passing user IP correctly to MediaWiki

FHannes asked:

I’m running a setup with Nginx, FastCGI, APC, Memcache and Varnish to host a MediaWiki installation. I’m having some issues with recent changes showing up as coming from in the case of anonymous users. I suspected the issue to be that Varnish doesn’t pass on the user IP to Nginx properly, but I do have this in my vcl_recv:

# Set client IP
if (req.http.x-forwarded-for) {
    set req.http.X-Forwarded-For =
    req.http.X-Forwarded-For + ", " + client.ip;
} else {
    set req.http.X-Forwarded-For = client.ip;

Could anyone tell me what else I might need to verify that could cause this issue? Because I’m at a loss…

My answer:

You must configure MediaWiki so that it will actually obey the X-Forwarded-For header. Without these settings, MediaWiki will ignore it.

(For historical reasons all of these configuration options refer to Squid…)

At a minimum, these lines must be in your LocalSettings.php:

$wgUseSquid = true;
$wgSquidServers = array(''); # IP address of your varnish server

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.