Files
2026-07-13 13:12:17 +08:00

24 lines
1.3 KiB
HTML
Raw Permalink Blame History

This file contains ambiguous Unicode characters
This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.
<header>Trust level for proxy headers</header>
Use this setting to determine whether Webmin should trust headers from a proxy
to identify the users IP address and SSL certificate:
<ul>
<li>No, do not trust any headers from the proxy.</li>
<li>Yes, trust the remote IP address provided by proxies. If enabled,
Webmin will use a header provided by a proxy to determine the browser's
real IP address for logging and access control purposes, such as
<tt>X-Forwarded-For</tt> or <tt>X-Real-IP</tt>. This should
<em>only</em> be enabled when your Webmin system is behind a proxy, and
there is no direct access from clients; otherwise, a fake header could
be sent to bypass IP access control restrictions.</li>
<li>Yes, trust both the remote IP and SSL certificate provided by
proxies. If enabled, Webmin will use a header provided by a proxy to
determine the user's client SSL certificate for authentication purposes,
such as <tt>X-SSL-Client-DN</tt>. This should <em>only</em> be enabled
when your Webmin system is behind a proxy, and there is no direct access
from clients; otherwise, a fake header could be sent to log in as a
different user.</li>
</ul>
<p></p>