Page MenuHomePhabricator

Cloud VPS Proxy does not set X-Forwarded-For
Closed, InvalidPublicBUG REPORT

Description

Steps to Reproduce

  1. Setup a Cloud VPS with a Proxy.
  2. Inspect the request headers from the instance

Actual Results
There is an X-Forwarded-Proto but no X-Forwarded-For. The lack of X-Forwarded-For means that the IP address recorded for edits in MediaWiki is that of the proxy, not of the user who made the request.

Expected Results
An X-Forwarded-For header containing the user's public IP address

Event Timeline

aborrero added a subscriber: aborrero.

This is a feature, not a bug. We however have a mechanism for whitelisting FQDNs that really need this information, see T135046: Whitelist labs instances that need XFF header passed through the web proxy for context.