[SOLVED] How to get the true ip for auth?
I noticed that the ip of session and activity are 172.25.0.1 for all users in my console. But my script create email session on the client side by user themself. So, what I'm puzzled about is why the obtained IP is a LAN IP but not the true ip. And more, I want to add some malicious IPs to the blacklist, what should I do.
It's not possible to get the device IP, only network IP
If other users that are not in the same network are showing the same IP, then something is wrongly configured
Yes, I mean network ip not device ip. If wrongly configured, what is it and how to fix it. Thanks.
Are you using cloudflare or any proxy service/WAF, etc?
@WildAnimal
Never
I've noticed that when testing locally, you won't get the right IP Address, but when i hit Appwrite from a remote location, it picks up my IP fine.
Another thing...do you have any reverse proxy in front of Appwrite?
Yes, I had reversed proxy by nginx in front of appwrite console. Do I need to cancel this configuration, but I would like to access the appwrite console through port 80.
That's what I've asked
I think you're getting the reverse proxy IP address instead of the user IP address
yep i think that's the expected behaviour with a reverse proxy setup. not sure though
Cloudflare and some reverse proxy should also send headers with the real IP, not sure if that works with appwrite
I'm not super familiar with reverse proxying to be honest. need to look this up in more detaila
Right so as D5 said, you might be getting the reverse proxy's IP. You'll need to tell traefik to trust that reverse proxy. See https://doc.traefik.io/traefik/routing/entrypoints/#forwarded-headers
Thank you all masters. It's working well after I added the following configuration under traefik command section in docker-compse.yml file :
- --entryPoints.appwrite_web.forwardedHeaders.trustedIPs=172.25.0.1
- --entryPoints.appwrite_websecure.forwardedHeaders.trustedIPs=172.25.0.1
Specially thank you @Steven and @D5
[SOLVED] How to get the true ip for auth?
