Follow

X-Forwarded prerequisites

Table of Contents

 

Introduction

The X-Forwarded-For (XFF) HTTP header field is a common method for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer. In this article we discuss the X-forwarded prerequisites. 

 

Prerequisites

If Workspace 365 is hosted behind a load balancer/(reverse) proxy and Workspace 365 is provided with the correct scheme/hostname/port/client IP via one of the following headers:

X-Forwarded-Proto
X-Forwarded-Host
X-Forwarded-Port
X-Forwarded-For

It is possible that there is a need to configure a newly introduced setting "EnableProxyHeaders". The value of this setting needs to be set to True in "NDAW.Html.Front.config".

It is not always necessary and depends on the load balancer you are using. For example, the Azure load balancer doesn't need this setting to be applied because this load balancer works based on IP (Layer 4).

If this "EnableProxyHeaders" setting doesn't exist in the current "NDAW.Html.Front.config" file, first update Workspace to the latest version! See our downloads section.

<setting name="EnableProxyHeaders" serializeAs="String">
  <value>true</value>
</setting>

Without this setting enabled these headers are ignored (previously these headers were automatically taken into account, now they are an opt-in).

If you do decide to enable this setting, you as hoster should make sure you terminate "rogue" incoming headers before you send them to Workspace 365.

An easy way to check if the headers are working correctly is via the registration page (/register). Before the input field of the "Workspace name" we show the URL that Workspace 365 detects.

Back to top