Remote Host

Let us consider a vast hierarchical organization with a massive number of users and resources with the following structure:

Proxy servers - configured between the target resources and the user machines
Load balancers - deployed between the target resources and the user machines to maintain the request traffic.

Now, when a request sent by a user is forwarded through a load balancer/proxy server, the IP address of the load balancer/proxy server is reflected in audits and reports. When multiple requests occur consecutively, that one IP address of the load balancer/proxy server is recorded in audits and reports for all the user requests - This scenario creates confusion about who accessed what and also fails to capture the exact user access information.

This is where the Remote Host Header comes into play - it identifies the IP addresses of the user machines that actually accessed the target endpoints through the load balancer or the proxy server. And, the product audits and reports capture the actual users' IP information instead of the load balancers' or proxy servers', thereby gaining good clarity on user access details.

Prerequisite:

Before configuring Remote Host, find the request header information (e.g., X-Real-IP, X-Forward-For, etc.) in the 'conf' file of your load balancer/proxy server.

Notes:
If an organization has multiple load balancers/proxy servers, ensure you configure the request header of all those with the same header information.

We recommend you configure the load balancers/proxy servers in such a way that they forward only the IP address of the client. For example, replacing the header variable '$proxy_add_x_forwarded_for' with '$remote_addr' in NGINX will forward the actual IP address of the client.

Steps Required:

Navigate to Admin >> Settings >> Remote Host.
Enter the header information obtained from the 'conf' file of the load balancer/proxy server in the Remote Host Header.
Click Test to validate the provided header information with your load balancer/proxy server.
Upon successful test validation, click Save to complete the remote host configuration.
Click Clear to revoke the Remote Host configuration.


Remote Host Let us consider a vast hierarchical organization with a massive number of users and resources with the following structure: Proxy servers - configured between the target resources and the user machines Load balancers - deployed between the target resources and the user machines to maintain the request traffic. Now, when a request sent by a user is forwarded through a load balancer/proxy server, the IP address of the load balancer/proxy server is reflected in audits and reports. When multiple requests occur consecutively, that one IP address of the load balancer/proxy server is recorded in audits and reports for all the user requests - This scenario creates confusion about who accessed what and also fails to capture the exact user access information. This is where the Remote Host Header comes into play - it identifies the IP addresses of the user machines that actually accessed the target endpoints through the load balancer or the proxy server. And, the product audits and reports capture the actual users' IP information instead of the load balancers' or proxy servers', thereby gaining good clarity on user access details. Prerequisite: Before configuring Remote Host, find the request header information (e.g., X-Real-IP, X-Forward-For, etc.) in the 'conf' file of your load balancer/proxy server. Notes: If an organization has multiple load balancers/proxy servers, ensure you configure the request header of all those with the same header information. We recommend you configure the load balancers/proxy servers in such a way that they forward only the IP address of the client. For example, replacing the header variable '$proxy_add_x_forwarded_for' with '$remote_addr' in NGINX will forward the actual IP address of the client. Steps Required: Navigate to Admin >> Settings >> Remote Host. Enter the header information obtained from the 'conf' file of the load balancer/proxy server in the Remote Host Header. Click Test to validate the provided header information with your load balancer/proxy server. Upon successful test validation, click Save to complete the remote host configuration. Click Clear to revoke the Remote Host configuration.