diff --git a/docs/deployment-environment.mdx b/docs/deployment-environment.mdx index 97187ad..1cc9c10 100644 --- a/docs/deployment-environment.mdx +++ b/docs/deployment-environment.mdx @@ -23,27 +23,12 @@ If the new deployment fails to become healthy, it will be retried 3 times while HTTPS traffic is proxied to your app on the project's default subdomain and any [custom domains]() that have been added. -### Rate Limiting - -If you wish to implement manual rate limiting, the proxy sets the `X-Forwarded-For` HTTP header on incoming requests to the remote IP address of the request. To use this with your router directly, you can typically use it at the function handler level. See below for an example of usage with the Axum web framework: -```rust -async fn handler(headers: HeaderMap) -> impl IntoResponse { - // Try to extract the X-Forwarded-For header - if let Some(forwarded_for) = headers.get("X-Forwarded-For") { - if let Ok(forwarded_for_str) = forwarded_for.to_str() { - return format!("X-Forwarded-For: {}", forwarded_for_str); - } - } - - String::from("No X-Forwarded-For header found") -} -``` +### Request Headers -In terms of crates, the `governor` crate (commonly used for rate limiting) has been used as the base for a number of `*-governor` crates which allow you to easily create your own rate limiting: -- [`tower-governor`](https://docs.rs/tower_governor/latest/tower_governor/) -- [`actix-governor`](https://docs.rs/actix-governor/latest/actix_governor/) +#### X-Forwarded-For +`X-Forwarded-For` is a header that allows you to get the original IP of the HTTP request. Deployed Shuttle projects sit behind a proxy, meaning that when you try to get the IP address normally you may end up with the proxy IP instead of the requester IP. With the `X-Forwarded-For` header, you can now always get the requester IP by parsing the given header value. -If you need to implement your own custom rate limiting, our [blog post on how to write API rate limiting yourself](https://www.shuttle.dev/blog/2024/02/22/api-rate-limiting-rust) may prove useful. You can also additionally implement your own middleware that utilises the `governor` crate itself. +To implement your own custom rate limiting, our [blog post on how to write API rate limiting yourself](https://www.shuttle.dev/blog/2024/02/22/api-rate-limiting-rust) may prove useful. You can also additionally implement your own middleware that utilises the `governor` crate, as seen on [`tower-governor`](https://docs.rs/tower_governor/latest/tower_governor/) and [`actix-governor`](https://docs.rs/actix-governor/latest/actix_governor/). ## Environment variables