IP Spoofing Attack

The setup was based on this guide.

The server is setup with multiple Discourse installs running under a single Nginx instance with separate vhosts.

For reference each vhost takes this form:

    server {
            listen 80;
            # change this
            server_name my-discourse-site.com;
            client_max_body_size 100M;
            location / {
            proxy_pass http://unix:/var/discourse/shared/*****/nginx.http.sock:;
                    proxy_set_header Host $http_host;
                    proxy_http_version 1.1;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            }
    }