add fideloper/proxy to support reverse proxies and load balancers
This commit is contained in:
parent
b5a778549e
commit
ee26a7e8dd
5 changed files with 65 additions and 1 deletions
|
@ -7,6 +7,7 @@ APP_CLEAR_TASKLOG=720
|
|||
APP_DELETE_MINUTES=10
|
||||
CONSOLE_PUSH_FREQ=250
|
||||
CONSOLE_PUSH_COUNT=10
|
||||
TRUSTED_PROXIES=null
|
||||
|
||||
DB_HOST=localhost
|
||||
DB_PORT=3306
|
||||
|
|
|
@ -17,7 +17,9 @@ class Kernel extends HttpKernel
|
|||
\Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
|
||||
\Illuminate\Session\Middleware\StartSession::class,
|
||||
\Illuminate\View\Middleware\ShareErrorsFromSession::class,
|
||||
|
||||
\Pterodactyl\Http\Middleware\LanguageMiddleware::class,
|
||||
\Fideloper\Proxy\TrustProxies::class,
|
||||
];
|
||||
|
||||
/**
|
||||
|
|
|
@ -26,7 +26,8 @@
|
|||
"mtdowling/cron-expression": "1.1.0",
|
||||
"dingo/api": "1.0.0-beta6",
|
||||
"aws/aws-sdk-php": "3.19.20",
|
||||
"predis/predis": "1.1.1"
|
||||
"predis/predis": "1.1.1",
|
||||
"fideloper/proxy": "3.2.0"
|
||||
},
|
||||
"require-dev": {
|
||||
"fzaninotto/faker": "~1.4",
|
||||
|
|
|
@ -158,6 +158,7 @@ return [
|
|||
igaster\laravelTheme\themeServiceProvider::class,
|
||||
Prologue\Alerts\AlertsServiceProvider::class,
|
||||
Krucas\Settings\Providers\SettingsServiceProvider::class,
|
||||
Fideloper\Proxy\TrustedProxyServiceProvider::class,
|
||||
|
||||
],
|
||||
|
||||
|
|
59
config/trustedproxy.php
Normal file
59
config/trustedproxy.php
Normal file
|
@ -0,0 +1,59 @@
|
|||
<?php
|
||||
|
||||
return [
|
||||
|
||||
/*
|
||||
* Set trusted proxy IP addresses.
|
||||
*
|
||||
* Both IPv4 and IPv6 addresses are
|
||||
* supported, along with CIDR notation.
|
||||
*
|
||||
* The "*" character is syntactic sugar
|
||||
* within TrustedProxy to trust any proxy
|
||||
* that connects directly to your server,
|
||||
* a requirement when you cannot know the address
|
||||
* of your proxy (e.g. if using Rackspace balancers).
|
||||
*
|
||||
* The "**" character is syntactic sugar within
|
||||
* TrustedProxy to trust not just any proxy that
|
||||
* connects directly to your server, but also
|
||||
* proxies that connect to those proxies, and all
|
||||
* the way back until you reach the original source
|
||||
* IP. It will mean that $request->getClientIp()
|
||||
* always gets the originating client IP, no matter
|
||||
* how many proxies that client's request has
|
||||
* subsequently passed through.
|
||||
*/
|
||||
'proxies' => explode(',', env('TRUSTED_PROXIES', null)),
|
||||
|
||||
/*
|
||||
* Or, to trust all proxies that connect
|
||||
* directly to your server, uncomment this:
|
||||
*/
|
||||
# 'proxies' => '*',
|
||||
|
||||
/*
|
||||
* Or, to trust ALL proxies, including those that
|
||||
* are in a chain of fowarding, uncomment this:
|
||||
*/
|
||||
# 'proxies' => '**',
|
||||
|
||||
/*
|
||||
* Default Header Names
|
||||
*
|
||||
* Change these if the proxy does
|
||||
* not send the default header names.
|
||||
*
|
||||
* Note that headers such as X-Forwarded-For
|
||||
* are transformed to HTTP_X_FORWARDED_FOR format.
|
||||
*
|
||||
* The following are Symfony defaults, found in
|
||||
* \Symfony\Component\HttpFoundation\Request::$trustedHeaders
|
||||
*/
|
||||
'headers' => [
|
||||
\Illuminate\Http\Request::HEADER_CLIENT_IP => 'X_FORWARDED_FOR',
|
||||
\Illuminate\Http\Request::HEADER_CLIENT_HOST => 'X_FORWARDED_HOST',
|
||||
\Illuminate\Http\Request::HEADER_CLIENT_PROTO => 'X_FORWARDED_PROTO',
|
||||
\Illuminate\Http\Request::HEADER_CLIENT_PORT => 'X_FORWARDED_PORT',
|
||||
]
|
||||
];
|
Loading…
Reference in a new issue