Symptoms
With Imunify360 webshield, you find that IP addresses are still being logged as from localhost (127.0.0.1), this is in the cPanel access logs, login logs, as well as the .lastlogin file in user accounts.
CONFIG_TEXT: [2026-06-19 12:45:46 +0000] warn [cpaneld] proxy trust miss: X-Forwarded-For ignored; localhost peer [127.0.0.1:58312:10.2.34.70:2083] peer UID=975 untrusted
[2026-06-19 12:45:46 +0000] warn [cpaneld] proxy trust miss: X-Forwarded-For ignored; localhost peer [127.0.0.1:58320:10.2.34.70:2083] peer UID=975 untrusted
Cause
This appears to be caused by a conflict with internal proxying of localhost (127.0.0.1) with cpsrvd controlled interfaces covered by the Imunify360 webshield software. We have opened an internal case with our developers with case ID CPANEL-54119 to review this behavior further.
Resolution
Disabling Imunify360-webshield will temporarily address this behavior until a resolution is found.
Comments
0 comments
Article is closed for comments.