This documentation is only valid for older versions of Wordfence. If you are using Wordfence 7 or later, please visit our.
IP addresses in Live Traffic are all the same, or visitors are blocked without breaking any rules
If your site is using a "reverse proxy", Wordfence may not see visitors' own IP addresses, and could see the address of the proxy instead. This may be something your host has set up (usually Varnish or nginx in certain setups), or it could be something you have set up yourself, such as CloudFlare.
To confirm if this is causing a problem on your site:
- If you are using a caching plugin, temporarily turn off the cache
- In a separate browser where you are not logged into the site, visit the site like a regular user would
- Go to the Live Traffic page, on the Wordfence menu and look at your own visit near the top of the list, to confirm if your IP appears correctly
- If you are not sure what your current IP is, you can use a site like whatismyip.com to see your public IP
If the IP addresses shown are not correct, you will need to set the option "How does Wordfence get IPs" on the Wordfence Options page. Depending on what software your server is using, you may need to choose the X-Real-IP or X-Forwarded-For option, or if you use CloudFlare, then choose the CF-Connecting-IP option. More details on the options are here: How does Wordfence get IPs
After setting the option, you can verify it is working by looking at the Live Traffic page and visiting the site in a separate browser where you are not logged in again, and verify that your own IP appears in your own visits. If Live Traffic is disabled, you can log in in using the second browser, since logins and logouts are still recorded. If you temporarily disabled a caching plugin, remember to re-enable it.