Skip to content

Commit 99e33f9

Browse files
Merge pull request #249 from AikidoSec/hansott-patch-1
Update proxy documentation for client IP header
2 parents 1d87e9e + 722b9f1 commit 99e33f9

1 file changed

Lines changed: 7 additions & 0 deletions

File tree

docs/proxy.md

Lines changed: 7 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -3,3 +3,10 @@
33
We'll automatically use the `x-forwarded-for` header to determine the client's IP address when behind a proxy.
44

55
If you're publicly exposing your server without a load balancer in front of it, you should set the `AIKIDO_TRUST_PROXY` env var to `false` to ensure that the correct IP address is used. Otherwise, someone could potentially spoof their IP address by adding the above header and thus bypassing the rate limiting.
6+
7+
If you need to use a different header to determine the client's IP address, you can set the `AIKIDO_CLIENT_IP_HEADER` environment variable to the name of that header. This will override the default `x-forwarded-for` header.
8+
9+
```bash
10+
# For DigitalOcean App Platform
11+
AIKIDO_CLIENT_IP_HEADER=do-connecting-ip java -javaagent:... -jar ...
12+
```

0 commit comments

Comments
 (0)