From 8942a70856acd6944cec54addb35189aa97c8810 Mon Sep 17 00:00:00 2001
From: dx <dx@dxzone.com.ar>
Date: Wed, 23 Nov 2022 16:10:56 +0100
Subject: [docs] Clarify that reverse proxy setups need trusted-proxies (#1127)

* [docs] Clarify that reverse proxy setups need trusted-proxies

* Remove the jq usage
---
 docs/installation_guide/apache-httpd.md | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'docs/installation_guide/apache-httpd.md')

diff --git a/docs/installation_guide/apache-httpd.md b/docs/installation_guide/apache-httpd.md
index 53f9ce25b..c6e30b850 100644
--- a/docs/installation_guide/apache-httpd.md
+++ b/docs/installation_guide/apache-httpd.md
@@ -100,6 +100,8 @@ You should also change `http://localhost:8080` to the correct address and port o
 
 `ProxyPreserveHost On` is essential: It guarantees that the proxy and the GoToSocial speak of the same Server name. If not, GoToSocial will build the wrong authentication headers, and all attempts at federation will be rejected with 401 Unauthorized.
 
+By default, apache sets `X-Forwarded-For` in forwarded requests. To make this and rate limiting work, set the `trusted-proxies` configuration variable. See the [rate limiting](../api/ratelimiting.md) and [general configuration](../configuration/general.md) docs
+
 Save and close the config file.
 
 Now we'll need to link the file we just created to the folder that Apache HTTP Server reads configurations for active sites from.
-- 
cgit v1.2.3