On Nexaa, our platform uses a reverse proxy to manage incoming traffic. By default, the reverse proxy sets the X-Forwarded-For header with the client's IP address. However, in some cases, your application may need to trust this proxy IP to ensure accurate logging and security.
Understanding the X-Forwarded-For Header
The X-Forwarded-For header is a standard HTTP header that contains the IP address of the client making the request. In our environment, this header is set by the reverse proxy, which acts as an intermediary between the client and your application.
Configuring Trusted Proxy IP in Your Application
To trust the remote IP header set by the reverse proxy, you need to configure your application to recognize the IP range of our internal network. This IP range is used by our infrastructure to route traffic to your application.
The IP range used by our infrastructure is: 10.0.0.0/8
To trust the X-Forwarded-For header in your application, you should configure it to recognize this IP range as trusted. This will ensure that your application uses the client's IP address from the X-Forwarded-For header instead of the proxy server's IP address.