Use `set_real_ip` and `set_real_ip_header` in the default config

TrafeX / docker-php-nginx

Docker image with PHP-FPM 8.3 & Nginx 1.24 on Alpine Linux

https://hub.docker.com/r/trafex/php-nginx

MIT License

1.33k stars 721 forks source link

Use `set_real_ip` and `set_real_ip_header` in the default config #135

Closed Znuff closed 10 months ago

Znuff commented 11 months ago

Sometimes this image may be used behind another reverse proxy, or even behind Cloudflare.

It would be nice to have the ability to make use of the real IP address of the visitor.

http://nginx.org/en/docs/http/ngx_http_realip_module.html#real_ip_header

TrafeX commented 10 months ago

Hi @Znuff ,

I agree that it would be nice to include this by default. But the implementation depends on the environment. The value for set_real_ip_from needs to match the networking setup. So there's no default that works for everyone (and doesn't create a security risk). Though it would be nice to mention this in the README.md so people can find this directive easily. Do you mind making a PR for this? Otherwise I'll do this myself.

TrafeX commented 10 months ago

I've added it to the documentation: https://github.com/TrafeX/docker-php-nginx/blob/master/docs/real-ip-behind-loadbalancer.md