Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
https://github.com/kirsch33/realip
realip module for Caddy v2
https://github.com/kirsch33/realip
Last synced: about 2 months ago
JSON representation
realip module for Caddy v2
- Host: GitHub
- URL: https://github.com/kirsch33/realip
- Owner: kirsch33
- License: mit
- Created: 2020-10-31T01:17:52.000Z (about 4 years ago)
- Default Branch: master
- Last Pushed: 2023-04-06T15:23:07.000Z (over 1 year ago)
- Last Synced: 2024-08-01T03:33:01.376Z (4 months ago)
- Language: Go
- Homepage: https://github.com/kirsch33/realip
- Size: 69.3 KB
- Stars: 42
- Watchers: 6
- Forks: 4
- Open Issues: 3
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
- stars - kirsch33/realip
README
# realip for Caddy v2
This repo is a port of captncraig's "realip" module to Caddy v2. See original plugin below:
https://github.com/captncraig/caddy-realip
## **UPDATE 04/06/2023**
Upon upcoming release of Caddy 2.7 this plugin should no longer be required. See discussion at [this link.](https://github.com/kirsch33/realip/issues/14)## **IMPORTANT**
Effective as of Caddy 2.5.x, this plugin no longer works. See the following thread for additional information on the specifics:
https://caddy.community/t/trouble-with-logging-changes/16408If you want to continue using this plugin, do not upgrade your Caddy instance beyond 2.4.6.
## Syntax
```Caddyfile# tell caddy to process realip before other plugins
order realip firstrealip {
header name
from cidr
maxhops #
strict
}
```
`name` is the name of the header containing the actual IP address. recommended value is "X-Forwarded-For".`cidr` is the address range of expected proxy servers. As a security measure, IP headers are only accepted from known proxy servers. Must be a valid cidr block notation. This may be specified multiple times. `cloudflare` and `cloudfront` are currently supported.
`maxhops` specifies a limiting number of forwards if using "X-Forwarded-For" or similar headers as the identifier. Recommended value is 5.
`strict`, if specified, will reject requests from unkown proxy IPs with a 403 status. If not specified, it will simply leave the original IP in place.
## Example
Simple usage to read `X-Forwarded-For` from cloudflare:
```Caddyfile
# tell caddy to process realip before other plugins
order realip firstrealip {
header "X-Forwarded-For"
from cloudflare
maxhops 5
}
```