2 months ago
X-Forwarded-For and X-Real-IP no longer contain the "Real" client IP
Previous time this was an issue, the X-Forwarded-For contained Fastly IP addresses and the real client IP. That time i've added Fastly as a trusted Proxy, which is not reasonable since the IP addresses are unstable and unlisted. Fine.
Now it doesnt contain the actual client IP address anymore, which is causing our webhooks to disable. And we've actually had to disable the ip filtering layer
Please
- Restore client IP
- Remove your internal services from the x-forwarded-for headers
- Disclose a list of your static Fastly IPs, if you cannot remove them from headers
- Fastly's public IP's are not the same as yours so please do not refer to those
And is there somewhere I can track this issue?
2 Replies
Status changed to Awaiting Railway Response Railway • about 2 months ago
Status changed to Awaiting User Response Railway • about 2 months ago
2 months ago
Hey,
This has been fixed, no action is needed on your end.
We are sorry for introducing this regression and will be more diligent about changes to the behavior of headers going forward.
2 months ago
This thread has been marked as solved automatically due to a lack of recent activity. Please re-open this thread or create a new one if you require further assistance. Thank you!
Status changed to Solved Railway • about 2 months ago