diff options
| author |  Mossroy <mossroy@mossroy.fr>
| 2023-10-25 16:23:03 +0200 |
|---|---|---|
| committer |  GitHub <noreply@github.com>
| 2023-10-25 16:23:03 +0200 |
| commit | 5374df384a032e91f09d53291c879ee19da99714 (patch) | |
| tree | cf04a1638d0b5279c4692a1dc9468301459da909 /docs | |
| parent | 280a1e11556bd22f3640facc12ec5bdaa5d10d90 (diff) | |
Use RemoteIPInternalProxy directive of remoteip Apache module (#5740)
* Use RemoteIPInternalProxy directive of remoteip Apache module
instead of RemoteIPTrustedProxy directive
To allow internal IPs to be trusted: for internal clients,
and also for the case of chained internal reverse-proxies
Fixes #5726
* One last reference forgotten
---------
Co-authored-by: Alexandre Alapetite <alexandre@alapetite.fr>
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/en/admins/09_AccessControl.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/en/admins/09_AccessControl.md b/docs/en/admins/09_AccessControl.md index 65f78be4d..e158f2a4e 100644 --- a/docs/en/admins/09_AccessControl.md +++ b/docs/en/admins/09_AccessControl.md @@ -30,7 +30,7 @@ To enable this feature, you need to add the IP range (in CIDR notation) of your To allow only one IPv4, you can use a `/32` like this: `trusted_sources => [ '192.168.1.10/32' ]`. Likewise to allow only one IPv6, you can use a `/128` like this: `trusted_sources => [ '::1/128' ]`. -You may alternatively pass a `TRUSTED_PROXY` environment variable in a format compatible with [Apache’s `mod_remoteip` `RemoteIPTrustedProxy`](https://httpd.apache.org/docs/current/mod/mod_remoteip.html#remoteiptrustedproxy). +You may alternatively pass a `TRUSTED_PROXY` environment variable in a format compatible with [Apache’s `mod_remoteip` `RemoteIPInternalProxy`](https://httpd.apache.org/docs/current/mod/mod_remoteip.html#remoteipinternalproxy). > ☠️ WARNING: FreshRSS will trust any IP configured in the `trusted_sources` option, if your proxy isn’t properly secured, an attacker could simply attach this header and get admin access. |