misp-docker behind reverse-proxy

Question

misp-docker behind reverse-proxy

kelke opened this issue 3 months ago · 2 comments

I am running a reverse proxy for generation of TLS certificates and general security reasons in front of dockerized MISP.
However, the 'Seen IPs' visible when viewing Auth-Keys are 172.xx.0.1 instead of the IP forwarded in the X-Forwarded-For Header.
This is obviously a good thing when running MISP's own nginx webserver directly, but unfavorable when running MISP behind a reverse-proxy.

It would be great if there were some .env configuration to enable using the X-Forwarded-For header or something similar.

Answer 1 · 2024-09-10T11:03:33.000Z

That makes sense. If you have the resulting nginx configuration you would like to have and you can confirm that it works, you can open a PR against the files inside core/files/etc/nginx.

Answer 2 · 2024-09-12T09:12:38.000Z

@kelke last commit adds support to this