cherrymusic
cherrymusic copied to clipboard
permit_remote_admin_login doesn't work behind nginx
When running cherrymusic on localhost on an unprivileged port and using nginx's proxy_pass functionality to expose it to the outside world, all requests look like they are coming from localhost. So in this use case, permit_remote_admin_login does absolutely nothing to prevent admin from logging in remotely.
Try adding proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; "into location /" block