You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
If you want to implement this feature, comment to let us know (we'll work with you on design, scheduling, etc.)
Issue details
step-ca's logging middleware logs the client's IP address under remote-address field for each incoming requests, the value is taken directly from Request.RemoteAddr of Go's net/http.
The problem arises when step-ca is sitting behind a reverse proxy, the IP address of the proxy is logged instead of the actual client.
Why is this needed?
In the case where reverse proxy is used, the remote-address field is more useful for analysis/debugging/reporting when it is the real client IP.
The text was updated successfully, but these errors were encountered:
This commit adds the option (enabled via environment variable) to the
logging middleware to log real/originating IP address of a client based
on specific headers.
Three headers are supported: True-Client-IP, X-Real-IP, X-Forwarded-For.
This is particularly useful when there is proxy server(s) sitting
between step-ca and client.
Implements smallstep#1995
Hello!
Issue details
step-ca
's logging middleware logs the client's IP address underremote-address
field for each incoming requests, the value is taken directly fromRequest.RemoteAddr
of Go'snet/http
.The problem arises when
step-ca
is sitting behind a reverse proxy, the IP address of the proxy is logged instead of the actual client.Why is this needed?
In the case where reverse proxy is used, the
remote-address
field is more useful for analysis/debugging/reporting when it is the real client IP.The text was updated successfully, but these errors were encountered: