Trusted proxy addresses

A list of IP addresses or networks (one per line, in the same format as the allowed addresses field above) that are permitted to provide proxy headers such as X-Forwarded-For, X-Real-IP, X-SSL-Client-DN and X-SSL-Client-Verify.

When this list is set, headers received from any other peer are ignored, preventing a client that can reach Webmin directly from spoofing its source IP or impersonating a user via a fake SSL client certificate header.

This field is required when the trust level is set to trust both the remote IP and SSL certificate provided by proxies. It is strongly recommended whenever any proxy header trust is enabled.

Example:

10.0.0.5
192.168.1.0/24
2001:DB8::/32