If you are using MDOQ's managed Magento hosting, or you use a WAF there is a chance that you may need to let Magento know that the customers real IP is under a different header. A common symptom of this problem is your IP not by passing the maintenance page whites list. (Maintenance IP not working).
How To Fix
The fix for this is relativley simple.
- Create a development instance. (If you're not on MDOQ you will need a development environment)
- Determine your current IP, you can visit this page: http://checkip.amazonaws.com/
- Add the following to the top of your `pub/index.php` file (right after the <?php entry)
header("Cache-Control: no-store, no-cache, must-revalidate, max-age=0");
header("Cache-Control: post-check=0, pre-check=0", false);
header("Pragma: no-cache");
echo '<pre>';
print_r($_SERVER);
die; - Visit the frontend of your instance (you should get a white page with a list of values)
- Search for your IP on this page (in this example, my IP is "123.123.123.123"
- Here we can see that the "header" containing true IP is "HTTP_X_REAL_IP" though this value may be different for you.
You can now remove your changes from `pub/index/php` - Add the following to the bottom off `app/etc/di.xml` (right before the closing `</config>` element. (Changing HTTP_X_REAL_IP to match your custom header)
<type name="Magento\Framework\HTTP\PhpEnvironment\RemoteAddress">
<arguments>
<argument name="alternativeHeaders" xsi:type="array">
<item name="x-client-ip" xsi:type="string">HTTP_X_REAL_IP</item>
</argument>
</arguments>
</type> - Redeploy Magento: `php bin/magento cache:flush && php bin/magento deploy:mode:set production`
- Test that enabling maintenance mode and adding your IP to the whitelist works
- All done, you can now commit `app/etc/di.xml` to source control and take the work live.
Good to know
- Because we are changing `app/etc/di.xml` when upgrading Magento this change may get undone, there are a couple of options to get around this: Including this change in a module, create a patch file.