Skip to content

Instantly share code, notes, and snippets.

@hissy
Last active September 2, 2019 02:47
#concrete5 #5.7 How to work concrete5 behind a load balancer or a reverse proxy
<?php
/**
* Always trust incoming request.
*
* application/config/concrete.php
*
* For more detail, see: http://symfony.com/doc/current/cookbook/request/load_balancer_reverse_proxy.html
*/
// Get remote address
$remoteIp = $_SERVER['REMOTE_ADDR'];
return [
'security' => [
'trusted_proxies' => [
'ips' => [$remoteIp]
],
],
];
@hissy
Copy link
Author

hissy commented Sep 2, 2019

Yes, this gist can be dangerous. Please read the Symfony doc in the comment.

Some reverse proxies (like AWS Elastic Load Balancing) don't have a static IP address or even a range that you can target with the CIDR notation. In this case, you'll need to - very carefully - trust all proxies.
Configure your web server(s) to not respond to traffic from any clients other than your load balancers.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment