Unlock Real Client IPs in Envoy: Step‑by‑Step Configuration Guide

This article explains why backend services often see proxy IPs instead of the true client address in modern cloud‑native architectures, and provides a detailed walkthrough of configuring Envoy—including X‑Forwarded‑For handling, code snippets, testing, and security recommendations—to ensure the original client IP is correctly propagated.

EnvoyIP addressService Mesh

0 likes · 6 min read

Unlock Real Client IPs in Envoy: Step‑by‑Step Configuration Guide

Ops Development Stories

Nov 15, 2023 · Operations

Capture Real Client IP Behind Multiple Proxies Using HAProxy & Nginx Ingress

This guide explains how to retrieve the true client IP in environments with multiple proxy layers by understanding remote_addr, X-Forwarded-For, and X-Real-IP headers, and configuring HAProxy and Nginx Ingress with appropriate options to forward and preserve the original IP.

HAProxyIngressX-Forwarded-For

0 likes · 9 min read

Capture Real Client IP Behind Multiple Proxies Using HAProxy & Nginx Ingress

58 Tech

Apr 25, 2019 · Information Security

Troubleshooting X-Forwarded-For Null Issue with Tomcat Behind Nginx Over HTTPS

When switching from HTTP to HTTPS, Tomcat fails to retrieve the client IP via X-Forwarded-For because of RemoteIpValve configuration and Nginx proxy settings, leading to null values and requiring adjustments in server.xml and Nginx headers to correctly propagate the original client IP.

HTTPSIP SpoofingRemoteIpValve

0 likes · 7 min read

Troubleshooting X-Forwarded-For Null Issue with Tomcat Behind Nginx Over HTTPS