[DOCS-4210] Clarify use of mms.remoteIp.header property Created: 20/Oct/14  Updated: 16/Mar/15  Resolved: 20/Oct/14

Status: Closed
Project: Documentation
Component/s: Cloud Manager
Affects Version/s: None
Fix Version/s: v1.3.13

Type: Task Priority: Major - P3
Reporter: Cailin Nelson Assignee: Sam Kleinman (Inactive)
Resolution: Done Votes: 0
Labels: mms-onprem
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Issue Links:
Related
Participants:
Days since reply: 9 years, 17 weeks, 1 day ago

 Description   

This page https://mms.mongodb.com/help-hosted/current/tutorial/configure-application-high-availability/ describes the setting of the property, but does not explain why the property is needed.

In the config file, we provide the following explanation:

# IMPORTANT: MMS uses the client IP address for auditing and access control to
# the API. When behind a load balancer your network security should not allow direct
# access to the MMS web server. Failure to restrict access will allow clients to
# potentially inject HTTP headers and spoof a client IP address.

Please add this to the documentation as well.



 Comments   
Comment by Githook User [ 21/Oct/14 ]

Author:

{u'username': u'tychoish', u'name': u'Sam Kleinman', u'email': u'samk@10gen.com'}

Message: DOCS-4210: fixes re @cory
Branch: master
https://github.com/10gen/mms-docs/commit/e0f0131e053e660bf14b2b5a0744ca3e8fbe7d9c

Comment by Githook User [ 20/Oct/14 ]

Author:

{u'username': u'tychoish', u'name': u'Sam Kleinman', u'email': u'samk@10gen.com'}

Message: DOCS-4210: remoteIp.header
Branch: master
https://github.com/10gen/mms-docs/commit/cbe2e273c994e5a7a389011e8aac7462b7f7cf7b

Generated at Thu Feb 08 07:47:27 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.