diff --git a/docs/operate/customize/configuration.md b/docs/operate/customize/configuration.md index 046d5401..3562e02d 100644 --- a/docs/operate/customize/configuration.md +++ b/docs/operate/customize/configuration.md @@ -68,14 +68,16 @@ TRUSTED_HOSTS = ['www.example.org'] Failing to properly configure this variable will cause the error `Bad Request Host x.x.x.x is not trusted.` when starting the web app. -### ``WSGI_PROXIES`` +### ``PROXYFIX_CONFIG`` Invenio is commonly used with both a load balancer and a web server in front of the application server. The load balancer and web server both work as proxies, which means that the clients remote address usually gets added in the X-Forwarded-For HTTP header. Invenio will automatically extract the clients IP address from the HTTP header, however to prevent clients from doing IP spoofing you need to specify exactly how many proxies you have in front of you application server: ``` -WSGI_PROXIES = 2 +PROXYFIX_CONFIG={'x_for': 1, 'x_proto': 1} ``` +You can find out more about the configuration options in [invenio-base](https://github.com/inveniosoftware/invenio-base/blob/f868e5e91cef7a6d4c7edfdb76669443484da331/invenio_base/wsgi.py) + ### Secret keys Probably the most important security measure is to have strong random secret keys set for your InvenioRDM instance. diff --git a/docs/releases/maintenance-policy.md b/docs/releases/maintenance-policy.md index e1115836..410dbd26 100644 --- a/docs/releases/maintenance-policy.md +++ b/docs/releases/maintenance-policy.md @@ -23,7 +23,7 @@ Following is an overview of future end of life (EOL) dates for recent releases: | Release | Date | Maintained | Until | | ------- | ---------- | ---------- | ----------------------------- | | v13 | 2025-07-23 | ✅ | next major release + 6 months | -| v12 | 2024-08-01 | ✅ | 2026-01-24 | +| v12 | 2024-08-01 | ❌ | 2026-01-24 | | v11 STS | 2023-01-26 | ❌ | 2024-08-01 | | v10 STS | 2022-10-10 | ❌ | 2023-01-26 | | v9 LTS | 2022-05-24 | ❌ | 2025-02-01 |