You can use a reverse proxy server to pass through web requests to your Deskpro server, even if it is within your local network on a private IP. Similarly, you may wish to use a Content Delivery Network (CDN) such as Cloudflare, Cloudfront or Fastly to reduce the active load on your server and protect from DDoS attacks.

If you do wish to use one of these services, then you need to let Deskpro know that these services are in place and that they can be trusted. By default, Deskpro will assume that the connection is not using a proxy and this may cause issues with your helpdesk not behaving correctly.

You can add a trusted proxy through the following methods:

Via WebGUI

In the OPC, click Settings then Advanced Settings. In the top section, you can add trusted proxies either with IP addresses directly, or subnets with CIDR notation (i.e. 192.168.0.0/24).

In the section below, you can select which headers you would like Deskpro to trust. Some services do not provide all the recommended headers, so we recommend disabling any headers you do not use.

Via CLI

You can add trusted proxies with the following command:

opc proxy add -p {ip_address}
 copy

You will need to change {ip_address} with the IP address or subnet in CIDR notation.

If you need to enable or disable which headers are trusted, you can do so with the following command:

opc proxy config [flags]
 copy

The following flags are supported with this command, which allow you to configure which headers are trusted.

--real-ip-header string         The header to use to for the real IP of the visitor
--trust-x-forwarded-host int    Trust the X_Forwarded_Host header [0 | 1] (default -1)
--trust-x-forwarded-port int    Trust the X_Forwarded_Port header [0 | 1] (default -1)
--trust-x-forwarded-proto int   Trust the X_Forwarded_Proto header [0 | 1] (default -1)
--trust-x-real-ip int           Trust the X_Real_IP header [0 | 1] (default -1)
 copy