ceb09ce99a
Previously Etherpad would not pass the correct client IP address through and this caused the rate limiter to limit users behind reverse proxies. This change allows Etherpad to use a client IP passed from a reverse proxy. Note to devs: This header can be spoofed and spoofing the header could be used in an attack. To mitigate additional *steps should be taken by Etherpad site admins IE doing rate limiting at proxy.* This only really applies to large scale deployments but it's worth noting.
2 lines
67 B
Nginx Configuration File
2 lines
67 B
Nginx Configuration File
FROM nginx
|
|
COPY ./tests/ratelimit/nginx.conf /etc/nginx/nginx.conf
|