Nginx PM not recognizing my actual IP I am connecting with, but rather a Cloudflare IP.

[schevenin]

Checklist

• Please read the setup instructions
• Please read the FAQ

Done.

What is troubling you?
Like the title states, Nginx PM isn't recognizing my actual IP I am connecting with, but rather a Cloudflare IP as shown in the logs inside proxy_hosts. When I disable the proxy on my records in Cloudflare, the access lists works as expected; it is able to read my real IP address and I am let into the website. However, when the proxy is turned on and I attempt to connect to my site with an access list that allows my IP, I still get denied access due to the fact that I was connecting through Cloudflares proxy.

This is my first time submitting an issue, so I hope I made that clear enough. I have been looking around the internet to see if other people had similar issues but I have yet to find someone in the same boat. This is about as close as I've come to find a solution: https://www.cyberciti.biz/faq/nginx-restore-real-ip-address-when-behind-a-reverse-proxy/

Is there something I am doing wrong? Thank you!

[Rustymage]

Perhaps v2.6.0 may enable client IP again.

#112 (comment)

[Cosmonear]

I have the same issue. I have commented this issue : #112

It worked for me when i used a another docker for my reverse proxy, see this comment : #112

[jmcscorrea]

I'm experiencing the same issue on v2.7.2.

[Rustymage]

I'm experiencing the same issue on v2.7.2.

Try v2.6.0

[Allram]

It works for me on v2.7.2 with adding this in the advanced section on t.ex Plex:

real_ip_header CF-Connecting-IP;
#real_ip_header X-Forwarded-For;

[rtm516]

It works for me on v2.7.2 with adding this in the advanced section on t.ex Plex:

real_ip_header CF-Connecting-IP;
#real_ip_header X-Forwarded-For;

This is still required in 2.8.0

Looks like it was caused by either one of these commits
13eaa34
f192748

[techc0de]

I tried this method but it only working for other services.
When I'm using NPM domain with Access List, it not working whether Cloudflare proxy is enabled or disabled.

[Rhandyx]

Anyone can help! I have same issue.
I have 3 vms
1st vm running NPM as reverse proxy
Other 2 vms are running in apache webserver.
But I only get cloudflare IPs.
Where I can change the proxy conf to get real Ips?

I dont know where to change it. Im new with docker. Is my first use.

[Rhandyx]

I fix it!
Sorry.
Fisrt I have to enable apache remoteip module.

and add this lines
RemoteIPHeader X-Forwarded-For RemoteIPInternalProxy 192.168.1.X

After I have to create on custom file
vi /data/nginx/custom/server_proxy.conf
and add this
real_ip_header CF-Connecting-IP;

[sunrisepi]

It works for me on v2.7.2 with adding this in the advanced section on t.ex Plex:

real_ip_header CF-Connecting-IP;
#real_ip_header X-Forwarded-For;

Thank you @Allram ! That fixed the issue I was having with access lists not working when using NGINX PM v2.8.0 with a cloudflare-hosted domain. Now I am able to use my real IP with access lists, to lock down access to my own network.

FYI @schevenin not sure if you saw that, may be worth a try.

[techc0de]

Hi,
I having the same issue here.
I added the 'real_ip_header CF-Connecting-IP;' in the Advanced section.
It working for other subdomains but not for the NPM site itself.
It allows me to type in my email address and credentials but not let me log in.
No error message display.

[stavros-k]

Hey, while real_ip_header CF-Connecting-IP works while i'm behind CF, i want to have the equivalent when i am on DNS only mode.
I tried real_ip_header X-Forwarded-For; but it doesn't work. It shows my servers gateway ip (eg. 192.168.1.1)

Is there any other header?