-
Notifications
You must be signed in to change notification settings - Fork 184
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add an option to trust headers set by reverse proxies #1162
Conversation
eg Cloudflare, kubernetes ingresses etc
README.md
Outdated
@@ -252,6 +252,10 @@ mail: | |||
encryption: tls | |||
auth_mode: ~ | |||
``` | |||
### [Running behind a trusted proxy](#run-trusted-proxy) | |||
|
|||
If you are running open cfp behing a proxy server which adds X-Forwarded-For headers (this could be a cloud based load balancer or a service such as cloudflare) you will need to set the environment variable TRUST_PROXIES to true this will ensure that opencfp trusts the headers set by these proxies for the original IP address and ssl mode. Setting this will trust these headers regardless of where the original request originates, so it's advisable to either lock down your instance so that only the trusted proxy can access it, or modifiy the list of trusted proxies in the index.php file to only include the ip addresses of your proxies. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The project name is OpenCFP
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also: modifiy
should be modify
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Apologies for chiming it, but I think it also should be Cloudflare
, see https://www.cloudflare.com.
Can you take another look, please? |
Yep, just haven't had time yet |
eg Cloudflare, kubernetes ingresses etc
Going to tidy up and test this tomorrow, putting in a PR as a reminder