I would like to request an additional method for determining whether a request is made from a local network or a remote network when using a reverse-proxy/web application firewall. A reverse proxy will typically use the interface address closest to the real web server, thus when using it, my plex server sees the internal address of the web app firewall as the source address, thereby bypassing authentication. It does allow the use of x-forwarded-for http host header information, such that a web server can use that to identify the real client address. Would it be possible to use that as a second form of determining if a host is local or remote?
I know I can turn on auth for everything, but is there an easy way to leave it local for all but one LAN address? If so, I would not need this feature I think.
Wikipedia link about X-Forwarded-For.
