Wrong client IP when Vaultwarden is behind a reverse proxy

I’m running my VW instance behind a reverse proxy that manages SSL certificates and access restrictions. The proxy sends through X-Forwarded-For header, but there doesn’t seem to be a way to configure VW for a list of trusted proxies that it should listen to that header for.

Not sure if this is a feature request or something I’m missing in the configuration.

The latter, you need to provide the right headers.

1 Like

Awesome, thank you for the quick reply! I was able to add that env variable and have it all working as expected now.

Add the following line to config.json configuration file:
“ip_header”: “X-Forwarded-For”,

What will this line change?