diff options
Diffstat (limited to 'config/config.sample.php')
-rw-r--r-- | config/config.sample.php | 21 |
1 files changed, 18 insertions, 3 deletions
diff --git a/config/config.sample.php b/config/config.sample.php index 9a5648c95df..25f56904dc4 100644 --- a/config/config.sample.php +++ b/config/config.sample.php @@ -1499,11 +1499,26 @@ $CONFIG = array( /** * List of trusted proxy servers * - * If you configure these also consider setting `forwarded_for_headers` which - * otherwise defaults to `HTTP_X_FORWARDED_FOR` (the `X-Forwarded-For` header). + * You may set this to an array containing a combination of + * - IPv4 addresses, e.g. `192.168.2.123` + * - IPv4 ranges in CIDR notation, e.g. `192.168.2.0/24` + * - IPv6 addresses, e.g. `fd9e:21a7:a92c:2323::1` + * + * _(CIDR notation for IPv6 is currently work in progress and thus not + * available as of yet)_ + * + * When an incoming request's `REMOTE_ADDR` matches any of the IP addresses + * specified here, it is assumed to be a proxy instead of a client. Thus, the + * client IP will be read from the HTTP header specified in + * `forwarded_for_headers` instead of from `REMOTE_ADDR`. + * + * So if you configure `trusted_proxies`, also consider setting + * `forwarded_for_headers` which otherwise defaults to `HTTP_X_FORWARDED_FOR` + * (the `X-Forwarded-For` header). + * * Defaults to an empty array. */ -'trusted_proxies' => array('203.0.113.45', '198.51.100.128'), +'trusted_proxies' => array('203.0.113.45', '198.51.100.128', '192.168.2.0/24'), /** * Headers that should be trusted as client IP address in combination with |