Home / server / Questions / 818595
Accepted
ilumos
Asked: 2016-12-04 14:09:02 +0800 CST

Is sending "X-Real-IP" and "X-Forwarded-For" necessary for an Nginx cache running on LAN?

  • 772

I'm setting up Nginx as a caching HTTP server for Steam and Origin game downloads on my LAN.

Is it necessary for Nginx to send the X-Real-IP and X-Forwarded-For headers to the servers, if:

  • The IP addresses will always be RFC1918 addresses (192.168, 172.16, 10.)
  • No state needs to be tracked by the upstream content servers

If it is unlikely to cause problems, I'd like to disable sending these headers to save a tiny amount of bandwidth.

Many thanks

cache nginx local-area-network

2 Answers

  1. Best Answer

    No, you don't need them.

    As a security precaution, the actual host will remove these values to prevent IP spoofing, and may use any value they choose (X- headers are custom and can be anything)

    • 3

  2. X-Real-IP and X-Forwarded-For are not part of RFCs but rather conventions established mostly for reverse proxies to communicate the actual IP of the user so the web app knows the user's IP.

    It is not required at all that you add those headers in your proxy, especially if you do not own the servers on the other side, since it's mostly useful for yourself.

    • 2