Reverse Proxy Configuration
When working with reverse proxies and load balancers, the typical setup looks like this:
- The Connection between the client and the reverse proxy is using https.
- The Connection between the reverse proxy and the LiquidFiles system is using http.
With the default configuration to Force https connections, the LiquidFiles system will see all connections as coming from the proxy (10.1.2.2) with http, meaning that you will get into a redirect loop as it's trying to redirect the clients browser to https, but the connection keeps coming back on http. If you use https between the reverse proxy and the LiquidFiles system, you can use the "Force https" setting.
To make sure that the LiquidFiles system can see the end clients ip address, and use https everywhere, please update the Admin → Network configuration like this:
By setting the Protocol to "Prefer https", all the links and redirects by the system will use https, but it will not check for the presence of a https connection and always try to redirect http to https. If you want to ensure that all traffic uses https, please update the reverse proxy with the configuration to redirect http connections to https.
The trusted proxies configuration will listen for the "X-Forwarded-For" http header from the trusted proxies so when the LiquidFiles system displayes the log, the connection on the map, and anywhere else where it uses the clients ip address - it will use the clients real ip address (220.127.116.11 in the example above) and not the proxy's (10.1.2.2). Most reverse proxies will automatically set the X-Forwarded-For header, but if it doesn't please make sure you add this configuration to you reverse proxy.
Enabling required http methods
Another thing to bear in mind with reverse proxies is that they are often quite restrictive when it comes to http methods and typically only allow GET and POST request. LiquidFiles is implmented as a modern REST based web service and uses GET, POST, PUT and DELETE to operate. PUT is used for changing parameters for resources such as Users and DELETE is used to delete resources such as Users, Messages and Attachments.