ngx_http_realip_module cannot read CloudFront-Viewer-Address IPV6 header
|Reported by:||Owned by:|
|Keywords:||ngx_http_realip_module, ipv6, cloudfront-viewer-address||Cc:|
|uname -a:||Linux wordpress-deployment-6bd9bdb7b8-hjqdm 5.10.184-175.731.amzn2.aarch64 #1 SMP Tue Jun 27 21:48:49 UTC 2023 aarch64 GNU/Linux|
nginx version: nginx/1.25.1
built by gcc 12.2.0 (Debian 12.2.0-14)
built with OpenSSL 3.0.9 30 May 2023
We have problem that nginx cannot read CloudFront-Viewer-Address if the client is coming with IPV6 address.
Manually tampering the CloudFront-Viewer-Address I have come to the following conclusion which works and which not:
ipv6 with or without brackets and no port - fine
ipv6 with brackets and port - fine
ipv6 without brackets and port - broken
Problem is that it's not customizable on Cloudfront side on which format to send this header. It can only send you the IP without brackets and port in the following format:
Any ideas how to solve this problem?
Documentation about this header is here: