github-starred/better-auth
2
0
Fork 0
mirror of https://github.com/better-auth/better-auth.git synced 2026-05-24 08:01:56 -05:00
Code Issues 2.5k Packages Projects Releases 112 Wiki Activity

docs: update ip address headers info callout

Browse Source
This commit is contained in:
Taesu
2025-12-18 21:17:10 +09:00
parent 7909921b6f
commit 43f75c96c5
1 changed files with 6 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
docs/content/docs/reference/security.mdx
View File

@@ -100,7 +100,12 @@ You can configure the IP address header in your Better Auth configuration:
This ensures that Better Auth only accepts IP addresses from your trusted proxy's header, making it more difficult for attackers to bypass rate limiting or other IP-based security measures by spoofing headers.
> **Important**: When setting a custom IP address header, ensure that your proxy or load balancer is properly configured to set this header, and that it cannot be set by end users directly.
<Callout type="info">
**Important**
- When setting a custom IP address header, ensure that your proxy or load balancer is properly configured to set this header, and that it cannot be set by end users directly.
- In dev/test environments, if the IP cannot be retrieved from headers, 127.0.0.1 is used as a fallback.
</Callout>
## Trusted Origins