makeplane · MinitJain · Apr 26, 2026 · coderabbitai · Apr 26, 2026
@@ -11,7 +11,7 @@ http {
 
   set_real_ip_from        0.0.0.0/0;
   real_ip_recursive       on;
-  real_ip_header          X-Forward-For;
+  real_ip_header          X-Forwarded-For;
   limit_req_zone          $binary_remote_addr zone=mylimit:10m rate=10r/s;
 
   access_log /dev/stdout;

@@ -11,7 +11,7 @@ http {
 
   set_real_ip_from        0.0.0.0/0;
   real_ip_recursive       on;
-  real_ip_header          X-Forward-For;
+  real_ip_header          X-Forwarded-For;
   limit_req_zone          $binary_remote_addr zone=mylimit:10m rate=10r/s;
-  set_real_ip_from        0.0.0.0/0;
-  real_ip_recursive       on;
-  real_ip_header          X-Forward-For;
-  real_ip_header          X-Forwarded-For;
-  limit_req_zone          $binary_remote_addr zone=mylimit:10m rate=10r/s;
+  set_real_ip_from        10.0.0.0/8;       # Docker/internal network
+  # set_real_ip_from      173.245.48.0/20;  # e.g. Cloudflare (if applicable)
+  real_ip_recursive       on;
+  real_ip_header          X-Forwarded-For;
+  limit_req_zone          $binary_remote_addr zone=mylimit:10m rate=10r/s;
-  set_real_ip_from        0.0.0.0/0;
-  real_ip_recursive       on;
-  real_ip_header          X-Forward-For;
-  real_ip_header          X-Forwarded-For;
-  limit_req_zone          $binary_remote_addr zone=mylimit:10m rate=10r/s;
+  set_real_ip_from        10.0.0.0/8;       # Docker/internal network
+  # set_real_ip_from      173.245.48.0/20;  # e.g. Cloudflare (if applicable)
+  real_ip_recursive       on;
+  real_ip_header          X-Forwarded-For;
+  limit_req_zone          $binary_remote_addr zone=mylimit:10m rate=10r/s;
 
   access_log /dev/stdout;

@@ -11,7 +11,7 @@ http {
 
   set_real_ip_from        0.0.0.0/0;
   real_ip_recursive       on;
-  real_ip_header          X-Forward-For;
+  real_ip_header          X-Forwarded-For;
   limit_req_zone          $binary_remote_addr zone=mylimit:10m rate=10r/s;
 
   access_log /dev/stdout;