How can I use an external Load Balancer like ELB or CDN?
External load balancers can handle SSL termination and load balancing outside of Hatchbox, but require configuration in your app(s).
Written by Chris Oliver
Updated over a week ago
While Caddy can provide load balancing internal to your cluster, you might want to use a service like AWS's Elastic Load Balancer to handle this instead.
Caddy will not trust X-Forwarded headers by default as this could pose a security risk. Instead, you can tell Caddy which IPs are trusted proxies in order to trust the X-Forwarded headers
From the Caddy reverse_proxy docs:
Caddy will not trust X-Forwarded headers by default as this could pose a security risk. Instead, you can tell Caddy which IPs are trusted proxies in order to trust the X-Forwarded headers
From the Caddy reverse_proxy docs:
If Caddy is not the first server being connected to by your clients (for example when a CDN is in front of Caddy), you may configure trusted_proxies with a list of IP ranges (CIDRs) from which incoming requests are trusted to have sent good values for these headers.
Adding Trusted Proxies
You can add the ELB IP address if you click Edit on the app's dashboard and scroll to the bottom under Trusted Proxies.
This will ensure Caddy preserves the X-Forwarded headers for requests coming from your load balancer or CDN.
You can add the ELB IP address if you click Edit on the app's dashboard and scroll to the bottom under Trusted Proxies.
This will ensure Caddy preserves the X-Forwarded headers for requests coming from your load balancer or CDN.