Feature: Add configurable X-Real-IP header support for rate limiting (#3504)
* fix: correct client IP detection behind reverse proxy * Revert "fix: correct client IP detection behind reverse proxy" This reverts commit 72075062402eadb32c9e349df9bc92bfe4546ce3. * feat: support X-Real-IP header for reverse proxy setups * feat: add option to use x-real-ip for rate limiting behind reverse proxy * docs: update rate limiting configuration comments for X-Real-IP usage * refactor: extract getIpAddress function to reduce code duplication * revert(whitelist): rate limit settings shouldn't affect whitelist
This commit is contained in:
KevinSun
@@ -85,6 +85,11 @@ cookieSecret: ''
|
||||
disableCsrfProtection: false
|
||||
# Disable startup security checks - NOT RECOMMENDED
|
||||
securityOverride: false
|
||||
# -- RATE LIMITING CONFIGURATION --
|
||||
rateLimiting:
|
||||
# Use X-Real-IP header instead of socket IP for rate limiting
|
||||
# Only enable this if you are using a properly configured reverse proxy (like Nginx/traefik/Caddy)
|
||||
preferRealIpHeader: false
|
||||
# -- ADVANCED CONFIGURATION --
|
||||
# Open the browser automatically
|
||||
autorun: true
|
||||
|
||||
Reference in New Issue
Block a user