Hey there, I operate a Discourse forum that’s gaining traction, and I’ve been searching for hours on how to forward people’s real IPs to Discourse, instead of Cloudflare’s.
Every single topic I’ve seen, people are asking about doing this with nginx, and people who aren’t end up being persuaded to move over to it. The problem is, the site I’m running uses Apache features I need, and rebuilding it under nginx is not worth the hassle.
Here’s my config right now:
RequestHeader set X-Real-IP "%{CF_CONNECTING_IP}e"
ProxyPass / http://localhost:8080/
ProxyPassReverse / http://localhost:8080/
Unfortunately, I’ve done many actions on the forum, but my “last ip address” field is still Cloudflare’s. Is there anything obviously wrong with this? Or could it be a configuration issue with my Discourse container?
I did some more testing and realized there were a few other problems. For one, request headers are not exposed by default in Apache variables, so you must use the SetEnvIf directive.
And finally, I changed the proxy to use sockets. When using a simple HTTP proxy, it would still use the old Cloudflare IP. I added the web.socketed template in addition to the cloudflare one, and rebuilt.
Final config:
SetEnvIf CF-Connecting-IP (.*) real_ip=$1
RequestHeader set X-Real-IP %{real_ip}e
ProxyRequests Off
ProxyPreserveHost On
ProxyPass / unix:/var/discourse/shared/standalone/nginx.http.sock|http://127.0.0.1/
ProxyPassReverse / unix:/var/discourse/shared/standalone/nginx.http.sock|http://127.0.0.1/