Enable Both X-Real-IP and X-Forwarded-For in Nginx

on

j7an asked:

How do I enable both X-Real-IP and X-Forwarded-For in Nginx? I currently have the following to get real IPs in Docker network.

set_real_ip_from  172.18.0.0/32;
real_ip_header    X-Real-IP;
real_ip_recursive on;

I would also like to pass real IPs from Cloudflare to Docker containers as well. How do I use both X-Real-IP and X-Forwarded-For in same configuration, one set of IPs for X-Real-IP and one set of IPs for X-Forwarded-For?

My answer:

If you’re trying to get real IPs from behind CloudFlare, you should instead use their own header, CF-Connecting-IP. You should ignore the other headers if you haven’t generated them yourself, as they may be faked by the client.

real_ip_header CF-Connecting-IP;

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

Related Post

How to fetch ssh keys from servers?

What application is connecting to a remote site?

apt-get not found on my VPS?

Configuring Nginx to redirect different servers

SELinux – canonical way of automatically applying a context on file creation

/dev/sda1 not in a volume group, and vgextend doesn't work