• Synchronet Web Service Question

    From WitNik@VERT/BGGRSCYN to All on Saturday, July 03, 2021 15:33:51
    I've recently configured a reverse http/https proxy in front of my SBBS. My setup is working well; however, SBBS is currently logging all web traffic (IP addresses) as coming from the reverse proxy vs. the Internet-based clients.

    Is there a way to cause SBBS to "trust" the proxy address and read the standard X-Forwarded-For headers provided by the proxy to log external client IPs?

    I had looked in the docs/wiki and was unable to find anything relevant.

    Thanks in advance,
    -WitNik

    -WitNik

    ---
    ■ Synchronet ■ * Origin: Beggar's Canyon - beggarscyn.com *
  • From Ragnarok@VERT/DOCKSUD to WitNik on Saturday, July 03, 2021 20:48:02
    El 3/7/21 a las 19:33, WitNik escribió:
    I've recently configured a reverse http/https proxy in front of my SBBS. My setup is working well; however, SBBS is currently logging all web traffic (IP addresses) as coming from the reverse proxy vs. the Internet-based clients.

    Is there a way to cause SBBS to "trust" the proxy address and read the standard X-Forwarded-For headers provided by the proxy to log external client IPs?

    I had looked in the docs/wiki and was unable to find anything relevant.

    Thanks in advance,
    -WitNik

    i have same issue on nginx

    location @app {
    rewrite /web(.*) /$1 break;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $remote_addr;
    proxy_set_header Host $host;
    proxy_pass http://127.0.0.1:8088;
    proxy_redirect off;
    }

    the log show connection from 127.0.0.1,

    this issue also occurs on websocket proxy

    ---
    ■ Synchronet ■ Dock Sud BBS TLD 24 HS - bbs.docksud.com.ar
  • From poindexter FORTRAN@VERT/REALITY to WitNik on Wednesday, July 07, 2021 07:49:00
    WitNik wrote to All <=-

    I've recently configured a reverse http/https proxy in front of my
    SBBS. My setup is working well; however, SBBS is currently logging all
    web traffic (IP addresses) as coming from the reverse proxy vs. the Internet-based clients.

    If you don't mind me asking, what are you using? I'm setting up nginx now, mostly because I want my Letsencrypt-enabled systems to auto-update without having to repoint my NAT rules at renewal time, and I know nginx.


    ... Do the words need changing?
    --- MultiMail/DOS v0.52
  • From WitNik@VERT/BGGRSCYN to poindexter FORTRAN on Friday, July 09, 2021 20:53:00
    Re: Re: Synchronet Web Service Question
    By: poindexter FORTRAN to WitNik on Wed Jul 07 2021 07:49 am

    If you don't mind me asking, what are you using? I'm setting up nginx now, mostly because I want my Letsencrypt-enabled systems to auto-update without having to repoint my NAT rules at renewal time, and I know nginx.


    Same (nginx on the backend).

    -WitNik

    ---
    ■ Synchronet ■ * Origin: Beggar's Canyon - beggarscyn.com *