Enable Both X-Real-IP and X-Forwarded-For in Nginx

on

j7an asked:

How do I enable both X-Real-IP and X-Forwarded-For in Nginx? I currently have the following to get real IPs in Docker network.

set_real_ip_from  172.18.0.0/32;
real_ip_header    X-Real-IP;
real_ip_recursive on;

I would also like to pass real IPs from Cloudflare to Docker containers as well. How do I use both X-Real-IP and X-Forwarded-For in same configuration, one set of IPs for X-Real-IP and one set of IPs for X-Forwarded-For?

My answer:

If you’re trying to get real IPs from behind CloudFlare, you should instead use their own header, CF-Connecting-IP. You should ignore the other headers if you haven’t generated them yourself, as they may be faked by the client.

real_ip_header CF-Connecting-IP;

View the full question and any other answers on Server Fault.

Creative Commons License
This work is licensed under a Creative Commons Attribution-ShareAlike 3.0 Unported License.

Related Post

How to change NGINX server name

Bouncing email due to bad initial MX TTL?

Stop showing server software version information on 404

VirtualMIn Failed to detect operating system on Amazon Linux AMI release 2013.03

Fail2ban without proactive mode

Remote Session: Switching from Desktop to Metro Mode Windows Server 2012