Description
It is required to correctly determine IP addresses of clients in the platform behind the CloudFlare proxy. When using CloudFlare, the real IP address of the client is not transmitted. This happens because the ihttpd web server does not pass X-Forwarded-For and X-Real-Ip headers.
Solution
To ensure that the platform correctly detects client IP addresses, perform one of the following actions:
- disable CLoudflare;
- configure nginx and ihttpd.
Configuring nginx+ihttpd
Configuring the nginx+ihttpd bundle is described in the article Control panel URL in the BILLmanager documentation.
When configuring the nginx+ihttpd bundle, check the following:
-
The configuration file /etc/nginx/nginx.conf contains the lines:
proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Real-IP $remote_addr; -
The configuration file /usr/local/mgr5/etc/billmgr.conf contains the parameter:
X-Forwarded-Secret exam123;Comment