Rate limiting and reverse proxy
Howdy!
I'm just now getting to setting up my web app to be hosted via Railway. It's an Express app written in JS.
When I hosted it locally, I had it set up behind a reverse proxy, so I'd set
trust proxy' to 1 and call it good.
I want to configure a rate limiter on my application to help protect some endpoints, but can't seem to find the proper trust proxy to set for this. No matter the number I set, requests still look like they're coming from the Railway proxy.
Any suggestions for configuring this setting or setting up rate limiting for my application on Railway?Solution:Jump to solution
if railways proxy is the only proxy your app sits behind then you want to pull the client ip from the
X-Envoy-External-Address header
https://utilities.up.railway.app/raw
im sure there are express middleware to do this for you...4 Replies
Project ID:
41f1e384-4e03-4db8-8977-4de7736f111141f1e384-4e03-4db8-8977-4de7736f1111
Solution
if railways proxy is the only proxy your app sits behind then you want to pull the client ip from the
X-Envoy-External-Address header
https://utilities.up.railway.app/raw
im sure there are express middleware to do this for youI am using that header for logging so I suppose I can use it for rate limiting as well. Thanks