mirror of
https://github.com/TecharoHQ/anubis.git
synced 2026-04-08 09:38:45 +00:00
27 lines
1.2 KiB
Plaintext
27 lines
1.2 KiB
Plaintext
# Cloudflare
|
|
|
|
If you are using Cloudflare, you should configure your server to use `CF-Connecting-IP` as the source of the real client IP, and pass that address to Anubis as `X-Forwarded-For`. Read [Client IP Headers](../caveats-xff.mdx) for details.
|
|
|
|
Example configuration with Caddy:
|
|
|
|
```Caddyfile
|
|
{
|
|
servers {
|
|
# Cloudflare IP ranges from https://www.cloudflare.com/en-gb/ips/
|
|
trusted_proxies static 173.245.48.0/20 103.21.244.0/22 103.22.200.0/22 103.31.4.0/22 141.101.64.0/18 108.162.192.0/18 190.93.240.0/20 188.114.96.0/20 197.234.240.0/22 198.41.128.0/17 162.158.0.0/15 104.16.0.0/13 104.24.0.0/14 172.64.0.0/13 131.0.72.0/22 2400:cb00::/32 2606:4700::/32 2803:f800::/32 2405:b500::/32 2405:8100::/32 2a06:98c0::/29 2c0f:f248::/32
|
|
# Use CF-Connecting-IP to determine the client IP instead of XFF
|
|
# https://caddyserver.com/docs/caddyfile/options#client-ip-headers
|
|
client_ip_headers CF-Connecting-IP
|
|
}
|
|
}
|
|
|
|
example.com {
|
|
reverse_proxy http://anubis:3000 {
|
|
# Pass the client IP read from CF-Connecting-IP
|
|
header_up X-Forwarded-For {client_ip}
|
|
header_up X-Real-IP {client_ip}
|
|
header_up X-Http-Version {http.request.proto}
|
|
}
|
|
}
|
|
```
|