I noticed something a while ago - If you are looking at the Mattermost user logs, or at your own login security, such as the following image, you are shown the IP address of the local server running the Mattermost instance. This image is from the Mattermost Community Server, where I viewed my Access History.
I believe that a feature request or code change - with a corresponding update to the documentation - that reflects the implementation of acceptance and compatibility from the web client to the internal server, the usage of HTTP headers such as X-Forwarded-For, CF-Connecting-IP, and so on. This would allow simple implementation of each header to be read as the RemoteIPOrigin. In turn, this would in theory allow the actual IP addresses of the user’s to be shown in the logs, instead of the servers own local address, and also provide a reason to give users the option to disable tracking of their IP altogether, which would be helpful to this thread about GDPR compliance regarding IP tracking.
What are your thoughts on this, and potentially implementing this change? I’d appreciate any feedback/user debate about it!