CCS Reverse Proxy Settings for Blocking IP Address
In the case a reverse proxy is located in front of the Brekeke CCS Server, in order to inform the actual source IP address to the Brekeke CIM Server, these settings are needed.
Note: This feature is available on Brekeke CIM version 2.8.0 or later
Brekeke CIM > [Admin Menu] > [Advanced Settings]
| Property | Default value | Explanation |
| reverse.proxy.ip | null | Set Reverse Proxy IP address pattern
Example: ^172\.20\.0\.1$ |
| reverse.proxy.remoteaddr.header.name | X-Real-IP | Set HTTP header that includes actual source IP address
Example: X-Real-IP *The reverse proxy server needs to set an actual source ip address into the X-Real-IP header before the server forwards http requests. |
| reverse.proxy.remoteaddr.header.value.format | null | If [HTTP Header pattern] is set, match the HTTP header values and use the first group (enclosed in parentheses) as the remote IP address.
If [HTTP Header pattern] is empty, use the entire HTTP header value as the remote IP address. |
| login.block.notification.url | null | URL of the remote HTTP Server where the notification will be sent when an ip address becomes blocked.
Example: http://monitor.brekeke.com/block/add/<ip> |
Example 1:
reverse.proxy.ip=^172\.20\.0\.1$ reverse.proxy.remoteaddr.header.name=X-Real-IP login.block.notification.url=http://monitor.brekeke.com/block/add/<ip>