How to Configure Trusted Proxies
Add trusted proxies in the Webscale control panel to add the
X-Forwarded-For header to HTTP requests coming from those proxies. You do not have to provide any address sets for trusted proxies. If none are added, it creates a zero-trust environment that results in the
X-Forwarded-For header being stripped and the peer address used as the client address.
To follow these instructions, log in to your Webscale Control Panel and click the 3 vertical dots on the upper right corner of the box for the application you wish to edit.
On the menu that appears, click Trusted Proxies.
What address sets should be trusted?
If the peer address of an incoming request is contained in one of the address sets, then the
X-Forwarded-For header is decoded so that the request is treated as coming from the rightmost address that is not contained in any of the address sets.
For example, if Trusted Proxies is configured such that it allows 18.104.22.168/24 (that IP address is within a trusted address set) and the request originates from 22.214.171.124 with
X-Forwarded-For: 126.96.36.199, 188.8.131.52, then the request will be treated as though it came from
184.108.40.206. More details about the
X-Forwarded-For header can found on the Mozilla Developer Docs.
Trusted Proxies Only
If Trusted Proxies Only is enabled, then only Pingdom, the control address, and any proxies added here can access the application. Any other traffic from the internet will be dropped. This setting can add an additional layer of security to your application if you want all traffic to only come from a proxy service such as Cloudflare.
Trusted Proxies Header
This option changes the header used for Trusted Proxies. The choices are:
X-Forwarded-For(default): The usual header for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or a load balancer.
True-Client-IP: Services such as Cloudflare and Akamai send this header to identify the IP address of the requester.
Custom: Input your own custom HTTP header here.
Have questions not answered here? Please Contact Support to get more help.
Was this page helpful?
Glad to hear it! Have any more feedback? Please share it here.
Sorry to hear that. Have any more feedback? Please share it here.