I am running Rails 3.2.21 on Heroku and yesterday I started seeing a low occurrence exceptions with this signature:
ActionDispatch::RemoteIp::IpSpoofAttackError: IP spoofing attack?!HTTP_CLIENT_IP="10.166.210.93"HTTP_X_FORWARDED_FOR="10.166.210.93, 188.8.131.52"
here is the full stacktrace:
Heroku says this is a "false positive" and suggested I turn this off in m app config:
config.action_dispatch.ip_spoofing_check = false
However, they are unable to explain why we've been running for 2 months on their platform until yesterday without this popping up, and yesterday was the first occurrence of it.