You know that time you realized that you have been doing something the wrong way for a very long time and then finally realize the wrongness. For the sake of the low profanity rating of this blog, let’s call these golly gosh moments, although the Millennials might better understand #FML. Homer just says do’h.
So it’s just a normal day at the office, and I want to see if I can make an IP address lookup to get the approximate geo-location of a website visitor. I find an IP and it starts with 10 and turns out to be part of a private IP range. The next IP is the same. And the next.
To make a long story short, it turned out that we have been saving Heroku IP addresses in our logs instead of the user IP address for all our widget tracking for all of time. Heroku is a proxy, so the actual IP address is in an
X-Forwarded-For header. For educational purposes here is how to make an express.js app behave better with a trusted proxy:
// App is an express.js app app.enable('trust proxy'); // req.ip now contains the correct // IP address during requests.
A one-liner made a world of difference for the logging. Golly Gosh.