Forwarding real remote IP to proxied server with Nginx

[ggriffinorg]

Hi,

We are using you awesome solution in production environments without any issues. TY for this excellent Nginx Reverse Proxy.
But with MFA being the normal security standard we need to be able at application level to perform an IP address filtering to require MFA when users connect from outside the trusted networks and locations.

We bypassed the issue by adding manually

proxy_set_header X-Real-IP $remote_addr;

but obviously after a container update we need to perform the task again.

Could it be possible to add the Nginx Directive as default in your container?
TY in advance.
BR
Greg

[loveu5522]

你好，请问这个命令如何使用，添加到高级里么

[weasam]

I have the problem to get real IP. my setup like this
network flows: Internet > router > server 1 > server 2
Server 1: Nginx Proxy Manager only ## this is a only proxy server
Server 2: Nginx proxied sites

I noticed when both server 1 and server 2 are using nginx, the website in server 2 could not get the visitor real IP
this maybe cause by this routing have too much header layers, header1 and header 2, anyone have solve this problem?

[Mainfrezzer]

We bypassed the issue by adding manually

proxy_set_header X-Real-IP $remote_addr;

but obviously after a container update we need to perform the task again.

If you manually edit the prox conf while nginx is not running and then start nginx, it sticks forever unless you do the same step in reverse or delete it.

If you want a permanent GUI solution, it already exists.

[jacksonm36]

hey can u post me the code here ?

[Mainfrezzer]

set_real_ip_from  1234:5678:9101:abcd:efgh:ijkl:mnop:qrst;
set_real_ip_from  XXX.XX.XX.XX;
real_ip_header X-Forwarded-For;

the set_real_ip_from are the ips from my 1st reverse proxy. this is the code in the second reverse proxy.

As stated before, editing the config file while the container isnt running should result in the same permanent change.

[github-actions]

Issue is now considered stale. If you want to keep it open, please comment 👍

[github-actions]

Issue was closed due to inactivity.