updateHEADmain

2 files changed, 7 insertions, 5 deletions

diff --git a/main.go b/main.go
index af5e4c7..140c912 100644
--- a/main.go
+++ b/main.go
@@ -43,8 +43,8 @@ func getIP(request *http.Request) (string, error) {
 
 	log.Println(request.RemoteAddr)
 
-	if len(splitIps) > 1 {
-		netIP := net.ParseIP(splitIps[len(splitIps)-2])
+	if len(splitIps) > 0 {
+		netIP := net.ParseIP(splitIps[len(splitIps)-1])
 		log.Println("one:", netIP.String())
 		if netIP != nil {
 			return netIP.String(), nil
diff --git a/nginx.conf b/nginx.conf
index b917535..b18cafc 100644
--- a/nginx.conf
+++ b/nginx.conf
@@ -6,6 +6,7 @@ http {
   include /etc/nginx/mime.types;
   server_tokens off;
   limit_req_zone $binary_remote_addr zone=one:10m rate=30r/m;
+
   server {
     listen 443 ssl;
     keepalive_timeout 60;
@@ -26,13 +27,14 @@ http {
     add_header X-XSS-Protection "1; mode=block" always;
     add_header Referrer-Policy "no-referrer";
     fastcgi_hide_header X-Powered-By;
-    proxy_set_header X-Real-IP       $proxy_protocol_addr;
-    proxy_set_header X-Forwarded-For $proxy_protocol_addr;
 
     error_page 401 403 404 /404.html;
     location / {
       proxy_pass http://icanhazallips:8080;
-      proxy_set_header X-Forwaded-For $proxy_add_x_forwarded_for;
+      proxy_set_header Host $host;
+      proxy_set_header X-Real-IP $remote_addr;
+      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+      proxy_set_header X-Forwarded-Proto https;
     }
   }
 }