http.realip Plugin
This plugin allows you to see the actual client IP from X-Forwarded-For headers if you are running behind a CDN or Proxy. It will make it so logs and other downstream directives will see the actual client IP, not the proxy's.
Implements security measures so that X-Forwarded-For cannot be spoofed from unauthorized IP ranges.
Examples
Accept X-Forwarded-For from known IPs only
realip {
from 1.2.3.4/32
from 2.3.4.5/32
}
Cloudflare Preset
realip cloudflare
Automatically adds cloudflare ips to allowed set.
Related Links
Documentation
Access the full documentation for this plugin off-site:
Docs
Plugin Help
Get help from the maintainers of the http.realip plugin:
Support
Plugin Website
Visit http.realip's website for more information:
Website
This plugin is independent of the Caddy project and is not endorsed or maintained by Caddy developers. Use at your own risk. Do not file issues for this plugin on Caddy's bug tracker.