Host Filtering with Elasticsearch Behind Reverse Proxy

I am trying to use RoR host filter with an Elasticsearch instance behind an Nginx reverse proxy.

At the moment Elasticsearch is bound to with all traffic passed to it via Nginx.

I set the below HTTP headers and they are being passed through successfully.

proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;

As far as I can see, RoR is using the OA parameter, as seen in the log files, to do host IP validation which always comes through as Is there a way to use the HTTP headers for IP validation. It would also be nice if the access index didn’t just log the origin as localhost everytime.

Can it be done?

Yes can be done: readonlyrest-docs/ at master · beshu-tech/readonlyrest-docs · GitHub

Thought it would be easy. Thanks.

In order to add the x-forwarded-for ip to the logs do I need to write my own audit log serializer?

In the JSON audit log we write in the indices, we have a “xff” field that shows the X-Forwarded-For value. I will add it to the regular logs too.