I0_PROXY_FORWARDING_BANS

config.php

@@ -121,6 +121,7 @@ if (!$cache_loaded) {
 		$cf['I0_SAGE_DISABLED'] = false; // Disable sage function if you don't want anyone to abuse CSAM necroposting
 		$cf['I0_DISABLE_BAD_PROXY_POSTING'] = false; // If CF can't get user's GeoIP - then the proxy is marked as bad (xx country)
 		$cf['I0_DISABLE_TOR_POSTING'] = false; // Disable posting with T1 country detected by CF
+		$cf['I0_PROXY_FORWARDING_BANS'] = false; // Ban by forwarded ip, not by REMOTE_ADDR
 		if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && $_SERVER['HTTP_X_FORWARDED_FOR']) {
 			$cf['I0_USER_IP'] = $_SERVER['HTTP_X_FORWARDED_FOR']; // for use with CF IP forwarding
 		} else {

inc/classes/bans.class.php

@@ -122,7 +122,11 @@ class Bans {
 		$htaccess_contents_bans_iplist = '';
 		$results = $tc_db->GetAll("SELECT `ip` FROM `".KU_DBPREFIX."banlist` WHERE `allowread` = 0 AND `type` = 0 AND (`expired` =  1) ORDER BY `ip` ASC");
 		if (count($results) > 0) {
-			$htaccess_contents_bans_iplist .= 'RewriteCond %{REMOTE_ADDR} (';
+			if (I0_PROXY_FORWARDING_BANS) {
+				$htaccess_contents_bans_iplist .= 'RewriteCond %{HTTP_X_FORWARDED_FOR} (';
+			} else {
+				$htaccess_contents_bans_iplist .= 'RewriteCond %{REMOTE_ADDR} (';
+			}
 			foreach($results AS $line) {
 				$htaccess_contents_bans_iplist .= str_replace('.', '\\.', md5_decrypt($line['ip'], KU_RANDOMSEED)) . '|';
 			}