Hi,
I’m using Nginx proxy manager addon. I would like to use an access list to filter incoming traffic.
The issue is that all IP addresses are converted to 172.30.32.1. I can see this in nginx logs.
If I deny this address all the incoming traffic is blocked including my external access.
Is there a way to white list my external access and block everything else with nginx addon ?
Thanks for your help
Look into x_forwarded_for both for HA and nginx proxy manager
When you use proxy you must set the reverse proxies IP in HA http section so it knows the ip of reverse proxy
In nginx there is usually something like below added so it can process ip of client and ignore ip from forwarding servers
proxy_set_header Host 127.0.0.1:30000;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-For $remote_addr;
Not sure how the addon does configs but this may get you somewhere
Thx.
I tried the following configuration in advanced tab of proxy host but no luck.
I still have [Client 172.30.32.1] in logs.
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header X-Forwarded-Host $remote_addr;
real_ip_header X-Real-IP;
real_ip_recursive on;
HA logs or nginx? or both
edit: did you also setup HA http section?
nginx logs
Here is my http section:
http:
use_x_forwarded_for: true
trusted_proxies:
- 172.30.33.0/24
ip_ban_enabled: True
login_attempts_threshold: 3