Cloudflare and reverse proxy support #2419
Comments
|
Thanks for opening your first issue here! 🎉 Be sure to follow the issue template! If you need help or want to chat with us, join us on Discord https://gofiber.io/discord |
|
no 2 and 3 are fixable with app := fiber.New(fiber.Config{
ProxyHeader: "CF-Connecting-IP",
})or app := fiber.New(fiber.Config{
ProxyHeader: fiber.HeaderXForwardedFor,
})according to https://developers.cloudflare.com/fundamentals/get-started/reference/http-request-headers/ and after that the ctx.IP method is using this header for the ip determination and the logger will log the right ip and the limiter middleware is also using the right one. no 1 is solvable with the ModifiedResponse method package main
import (
"fmt"
"github.com/gofiber/fiber/v2"
"github.com/gofiber/fiber/v2/middleware/proxy"
)
func main() {
app := fiber.New()
app.Use(
proxy.Balancer(proxy.Config{
Servers: []string{
"http://localhost:3001",
"http://localhost:3002",
},
ModifyResponse: func(c *fiber.Ctx) error {
if c.Response().StatusCode() == 502 { // Check if the response is a 502 (Bad Gateway) error
c.Response().Reset() // Reset the response to clear the existing error message
return c.Status(503).SendString("The requested service is currently unavailable. Please try again later.")
}
return nil
},
}),
)
err := app.Listen(":3000")
if err != nil {
fmt.Printf("Error starting server: %v", err)
}
} |
ReneWerner87
changed the title
|
Well, the proxy.Balancer code has errors. I fixed it the syntax error if someone wants to use it. app.Use(
proxy.Balancer(proxy.Config{
Servers: []string{
"http://localhost:3001",
"http://localhost:3002",
},
ModifyResponse: func(c *fiber.Ctx) error {
if c.Response().StatusCode() == 502 { // Check if the response is a 502 (Bad Gateway) error
c.Response().Reset() // Reset the response to clear the existing error message
return c.Status(503).SendString("The requested service is currently unavailable. Please try again later.")
}
return nil
},
}),
) |
|
My problem isn't solved it still shows dial tcp errors.. |
|
@justevery Is it running? Can we mark the report as closed (answered)? |
|
Ok then I have to create a reproducible example Need to know where exactly the error is returned |
package main
import (
"errors"
"log"
"net"
"github.com/gofiber/fiber/v2"
"github.com/gofiber/fiber/v2/middleware/proxy"
)
func main() {
app := fiber.New(fiber.Config{
// Override default error handler
ErrorHandler: func(ctx *fiber.Ctx, err error) error {
ctx.Set(fiber.HeaderContentType, fiber.MIMETextPlainCharsetUTF8)
var netError net.Error
if errors.As(err, &netError) {
// 502 - Bad Gateway or 503 - ServiceUnavailable
err = fiber.ErrBadGateway
}
code := fiber.StatusInternalServerError
var e *fiber.Error
if errors.As(err, &e) {
code = e.Code
}
return ctx.Status(code).SendString(err.Error())
},
})
app.Use(proxy.Balancer(proxy.Config{
Servers: []string{
"http://139.144.180.160/",
},
ModifyRequest: func(ctx *fiber.Ctx) error {
ctx.Request().Header.Add("CF-Connecting-IP", ctx.IP())
return nil
},
}))
log.Fatalln(app.Listen(":8080"))
} |
|
René patiently solved my problem, I thank him ♥ |
|
@efectn @gaby @leonklingele @li-jin-gou Lines 472 to 480 in 3e9575b so that we do not pass on network information for security reasons ? app := fiber.New(fiber.Config{
// Override default error handler
ErrorHandler: func(ctx *fiber.Ctx, err error) error {
ctx.Set(fiber.HeaderContentType, fiber.MIMETextPlainCharsetUTF8)
var netError net.Error
if errors.As(err, &netError) {
// 502 - Bad Gateway or 503 - ServiceUnavailable
err = fiber.ErrBadGateway
}
code := fiber.StatusInternalServerError
var e *fiber.Error
if errors.As(err, &e) {
code = e.Code
}
return ctx.Status(code).SendString(err.Error())
},
}) |
|
@ReneWerner87 Yes, may be worth it. |
|
Yes, definitely! All my apps using fiber additionally wrap the fiber errors for that specific reason, so only my own, well-known internal errors get exposed.
|
|
Then let us do this |
|
Don’t forget to log the original error. It’ll be a pain (or even close to impossible) to debug.
|
not a problem, the logger is logging the error message what should i take ? 502 or 503 ? |
fixes: reverse proxy support #2419
fixes: reverse proxy support #2419
fixes: reverse proxy support #2419
fixes: reverse proxy support #2419
* improve error handling for net error(s) fixes: reverse proxy support #2419 * Update app.go Co-authored-by: leonklingele <[email protected]> * improve error handling for net error(s) fixes: reverse proxy support #2419 * improve error handling for net error(s) fixes: reverse proxy support #2419 * improve error handling for net error(s) fixes: reverse proxy support #2419 --------- Co-authored-by: leonklingele <[email protected]>
Bug Description
A cloudflare and error issue.
How to Reproduce
Steps to reproduce the behavior:
Expected Behavior
The reverse proxy thing if any attack comes expose the reverse proxy IP address and it shows everyone "dial connection brb brb ip". So your ip address gone, i look the reverse proxy, error handler documents but i don't see how i can made all errors to custom html page.
Ratelimit are need to have a cloudflare mode for get CF-Connecting-IP it so annoying because of i tried 5-6 way for get CF-Connecting-IP and the end i do.
The logging thing has same problem what i said on 2.
Fiber Version
latest
Code Snippet (optional)
No response
Checklist:
The text was updated successfully, but these errors were encountered: