Banning based on forwarded IP #83
-
|
If I have my site behind a Cloudflare proxy and set up a Cloudflare IP middleware to output the actual visitor's IP to the X-Real-IP header, does fail2ban use the forwarded IP or the one from Cloudflare? I couldn't find any documentation regarding this yet, so help is appreciated, thanks :) |
Beta Was this translation helpful? Give feedback.
Replies: 2 comments 1 reply
-
|
Hello @stashymane, Thanks for your interest in this Traefik plugin ! For now, this plugin only looks for the request IP, and it does not use the |
Beta Was this translation helpful? Give feedback.
-
|
This is linked to this behavior: Line 220 in 2790061 |
Beta Was this translation helpful? Give feedback.
-
|
This would be great addition. As in Go RemoteAddr is (correctly) a last IP address - so in most cases it might be some router/loadbalance (if there any), or... as in my and @stashymane case a Cloudflare tunnel. I tried to create a chain of 2 middlewares but failed, this might require change in the code (maybe being able to customize on which header would be the best and most versatile solution?). |
Beta Was this translation helpful? Give feedback.
Hello @stashymane,
Thanks for your interest in this Traefik plugin !
For now, this plugin only looks for the request IP, and it does not use the
X-Forwarded-Forheader (yet).