Problem Statement
The rate limiter relies directly on c.ClientIP(). When deployed behind reverse proxies or load balancers (like Nginx, Cloudflare), malicious users can easily bypass rate limits by spoofing the X-Forwarded-For header.
Technical Approach
Explicitly configure Gin's SetTrustedProxies with the known internal IP ranges of the load balancers, ensuring c.ClientIP() only parses headers from trusted sources.
Acceptance Criteria
- Rate limiting cannot be bypassed by injecting fake IP headers.
- Genuine client IPs are accurately logged in the audit trail.
Problem Statement
The rate limiter relies directly on
c.ClientIP(). When deployed behind reverse proxies or load balancers (like Nginx, Cloudflare), malicious users can easily bypass rate limits by spoofing theX-Forwarded-Forheader.Technical Approach
Explicitly configure Gin's
SetTrustedProxieswith the known internal IP ranges of the load balancers, ensuringc.ClientIP()only parses headers from trusted sources.Acceptance Criteria