How does Hasura IP rate limiting work if requests go through a reverse proxy before hitting Hasura? #8551
-
Our website is hosted on Cloudflare, which acts as a reverse proxy https://support.cloudflare.com/hc/en-us/articles/200170786. That means the original visitor IP address is in a header called I'm not sure if Hasura's rate limiting (see https://hasura.io/learn/graphql/hasura-advanced/security/4-rate-limit/) is smart enough to deal with this, or if it will rate limit Cloudflare's IP addresses. |
Beta Was this translation helpful? Give feedback.
Replies: 1 comment 1 reply
-
@arcticmatt Hasura looks into the If the above are not found, then it will look up the connecting client's IP address from the packet |
Beta Was this translation helpful? Give feedback.
@arcticmatt Hasura looks into the
x-real-ip
orx-forwarded-for
request headers. These are standard headers usually filled in by the proxies. Do you know if Cloudflare already addsx-real-ip
/x-forwarded-for
headers?If the above are not found, then it will look up the connecting client's IP address from the packet