APM server behind a proxy
See original GitHub issueI think this would be a common usecase, where the APM server is behind a proxy (in my case, Cloudflare). In which case, user IP is unavailable and we have to rely on custom headers; is there any provision of setting a custom header to be considered as user IP at the APM server or make the RUM agent set a custom header? In case of Cloudflare, they set the real user IP in the header ‘True-Client-IP’.
Edit: It’d be nice if we could it set it during client init as well. e.g.
initApm({
environment: window.location.hostname,
serviceName: 'my-app',
serverUrl: 'https://apm.example.com',
serviceVersion: getAppVersion() || 'v0.0.0',
distributedTracing: true,
distributedTracingOrigins: [
'https://api.example.com'
],
XFFHeader: {
key: 'X-Forwarded-For',
value: '127.0.0.1'
}
})
ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For
In this case, if the value is provided, then it shall be set as value in request header. The APM server should be configurable or should understand that it should pickup user IP from this header.
Issue Analytics
- State:
- Created 3 years ago
- Comments:8 (5 by maintainers)
Top Results From Across the Web
Configuring agents to communicate through a forward proxy
When a forward proxy is used, the agent first opens a TCP connection with the proxy. The agent sends an HTTP CONNECT request...
Read more >Anonymous auth configuration options | APM User Guide ...
Using a proxy allows you to clear any existing IP-forwarding HTTP headers, and replace them with one set by the proxy. This prevents...
Read more >Manual Chapter: Forward Proxy Chaining with APM - AskF5
In a forward proxy chain, Access Policy Manager (APM®) selects the next hop proxy server, and interacts with it and resource servers behind...
Read more >Proxy support #782 - elastic/apm-agent-dotnet - GitHub
My employer has a proxy that outbound traffic is routed through. Unfortunately, the .NET agent doesn't seem to support proxy credentials ...
Read more >https://raw.githubusercontent.com/elastic/apm-serv...
#hosts: # - http://remote-apm-server:8200 # Remote apm-servers' ... Contents of the header # Proxy server url #proxy_url: http://proxy:3128 # The number of ...
Read more >Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start FreeTop Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Top GitHub Comments
@bnkamalesh OK, thanks for the additional context.
Given that we already support
Forwarded
,X-Forwarded-For
, andX-Real-IP
, I think folks are pretty well covered at the moment.Unless there is a clear need, I would prefer not to add another option. If it turns out there is a need to handle
True-Client-IP
(or other headers) instead of one of the other more common headers mentioned above, I’d be happy to learn more and consider adding an option.Not at all silly!
Indeed, the server will pick the first of
Forwarded
,X-Real-IP
, orX-Forwarded-For
in that order. See also: https://github.com/elastic/apm-server/blob/b3759fcc5cbdfb316634eeb81e43274c5fc9354e/utility/remoteaddr.go#L32-L45