I have configured Nginx to require HTTP Basic auth for a website I'm working on that isn't yet public. I included an
allow clause to permit the IP address of the company's head office to view the site without entering a password. This worked initially, however after placing the Nginx server behind a load balancer (AWS ELB), the IP address Nginx sees is actually the IP address of the load balancer, NOT of the requesting web client - so it stopped working.
I have the real IP address of the client in the
X-Forwarded-For header. Is there a way to get Nginx to recognise the client and let it in without logging in?
Subscribe to get latest updates