Skip to content

Conversation

Hooteo
Copy link

@Hooteo Hooteo commented Oct 18, 2024

Fix X-Forwarded-* placeholders

Fix X-Forwarded-* placeholders
We have a Netscaler as reverse proxy to publish syspass in docker.
The client IP wasn't read correctly by syspass, if someone inside the company log in with the wrong password more than 10 times all the users have been blocked.
We noticed that by changing the line to  $xForwarded = $this->headers->get('X_FORWARDED_FOR');   the header set by the Netscaler is correctly read, and on the SysPass side, the addresses of the PCs making the request are recognized, not those of the reverse proxy. This allows us to avoid blocking the entire company and to have more accurate logs.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant