Login Sessions always 127.0.0.1
-
Hi guys,
I got a nasty problem with nodebb and nginx reverse proxying as nodebb logs every IP as 127.0.0.1
Any ideas what I'm doing wrong?config.json
{ "url":"http://board.domain.com", "use_port": false, "secret":"some secret", "mongo":{ "username":"", "host":"databasehost", "password":"mypw", "port":"27017", "database":"nodebb" }, "database":"mongo" }
nginx:
server { listen 80; server_name board.domain.com; return 301 https://$host$request_uri; } upstream board { server 127.0.0.1:4567; } server { listen 443 ssl http2; gzip off; ssl on; ssl_certificate /path/to/fullchain.pem; ssl_certificate_key /path/to/privkey.pem; ssl_dhparam ssl/dhparam-board.pem; server_name board.domain.com; access_log syslog:server=syslog:12301 graylog2_format; error_log syslog:server=syslog:12302; location / { proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forward-For $proxy_add_x_forwarded_for; proxy_set_header X-Forward-Proto http; proxy_set_header Host $http_host; proxy_set_header X-Nginx-Proxy true; proxy_pass http://board; proxy_redirect off; # Socket.IO proxy_http_version 1.1; proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; } }
-
your site is https, but you are using http in the configs
"url":"http://board.domain.com",
needs to be"url":"https://board.domain.com",
this is the part that makes the ips not show up
proxy_set_header X-Forward-Proto http;
should be either
proxy_set_header X-Forwarded-Proto https;
or better
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forward-For $proxy_add_x_forwarded_for;
should be
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
theres some explanation for those headers here:
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-ProtoX-Forwarded-For - HTTP | MDN
The HTTP X-Forwarded-For (XFF) request header is a de-facto standard header for identifying the originating IP address of a client connecting to a web server through a proxy server.
MDN Web Docs (developer.mozilla.org)