Difference with using REMOTE_ADDR?

Created on 30 July 2025, 6 days ago

Problem/Motivation

If I understand correctly, this module is meant to automatically trust the reverse proxy the request is coming from.

It is not very well documented but it is possible to do this:

$settings['reverse_proxy_addresses'] = ['REMOTE_ADDR'];

Request::setTrustedProxies() will then automatically add the address from $_SERVER['REMOTE_ADDR'] as a trusted proxy.

If you also want to trusted every private address, I think you can do something like this:

$settings['reverse_proxy_addresses'] = ['REMOTE_ADDR', 'PRIVATE_SUBNETS'];

Does the module do anything additional that can't be achieved with these settings (apart from removing the trusted host pattern requirement) ?

Steps to reproduce

Proposed resolution

Remaining tasks

User interface changes

API changes

Data model changes

πŸ“Œ Task
Status

Active

Version

1.2

Component

Documentation

Created by

πŸ‡«πŸ‡·France prudloff Lille

Live updates comments and jobs are added and updated live.
Sign in to follow issues

Comments & Activities

  • Issue created by @prudloff
  • πŸ‡ΊπŸ‡ΈUnited States bradjones1 Digital Nomad Life

    I mean, no, there's not a significant difference, but this allows you to do so without any specific changes to settings.php and also does some sanity-checking on the validity of the configuration. And, it demotes the warning message that is otherwise distracting.

    But yeah, you can do whatever you like with same effect. I think this is pretty well explained in the project readme.

Production build 0.71.5 2024