We are using the sidekiq gem on a production server with nginx, haproxy and thin. We are also using the sidekiq UI for authenticated admin users (activeadmin):
authenticate :admin_user do
  mount Sidekiq::Web => '/sidekiq'
end
After authentication we try to open /sidekiq. Instead of seeing the sidekiq UI we receive only "forbidden". Furthermore, we lose the devise session, so if we try to open /admin, activeadmin requires authentication again.
We are facing this issue only on the production server; on dev it works fine.
We are using: nginx (https), haproxy (http), thin (http), sidekiq 4.1.1, devise 3.5.6, activeadmin 1.0.0.pre2, sinatra 1.4.7
You need to have the proper headers forwarded to your application, or else rack-protection will block requests.
In the Nginx server configuration you need:
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
Then in HAProxy you need to forward the IP to your app:
option forwardfor header X-Client
I used to have option forwardfor header X-Real-IP
to transfer the IP to the app, but this does not work with rack-protection.
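
The header mismatch the answer describes can be checked offline. The Ruby sketch below is an added example, not code from the answer or from rack-protection: it models a consistency check between X-Forwarded-For and X-Real-IP in the style of rack-protection's IP-spoofing guard (an assumption about which guard returns the 403), using constructed addresses and the two HAProxy options mentioned above.

```ruby
# Added illustration (not from the answer, not rack-protection's source):
# a simplified model of a check that rejects a request when X-Real-IP or
# Client-IP does not appear in the X-Forwarded-For chain.

CHECKED_HEADERS = %w[HTTP_CLIENT_IP HTTP_X_REAL_IP].freeze

# Returns the name of the first header that disagrees with X-Forwarded-For,
# or nil when the forwarded headers are consistent.
def conflicting_header(env)
  return nil unless env.key?('HTTP_X_FORWARDED_FOR')

  chain = env['HTTP_X_FORWARDED_FOR'].split(/\s*,\s*/)
  CHECKED_HEADERS.find { |name| env.key?(name) && !chain.include?(env[name]) }
end

# Constructed addresses: a documentation-range client and a private nginx host.
CLIENT_IP = '203.0.113.7'
NGINX_IP  = '10.0.0.5'

# What nginx sends to HAProxy with the proxy_set_header lines from the answer
# (assumes nginx is the first proxy, so X-Forwarded-For holds only the client).
FROM_NGINX = {
  'HTTP_X_FORWARDED_FOR' => CLIENT_IP,
  'HTTP_X_REAL_IP'       => CLIENT_IP
}.freeze

# HAProxy "option forwardfor header <name>" writes the address of its own peer
# (here nginx) into <name>. Modelled as replacing the value; if the server joins
# duplicate headers into one string, that string is not in the chain either.
def through_haproxy(env, header_name)
  env.merge("HTTP_#{header_name.upcase.tr('-', '_')}" => NGINX_IP)
end

SCENARIOS = {
  'option forwardfor header X-Client'  => through_haproxy(FROM_NGINX, 'X-Client'),
  'option forwardfor header X-Real-IP' => through_haproxy(FROM_NGINX, 'X-Real-IP')
}.freeze

SCENARIOS.each do |haproxy_option, env|
  bad = conflicting_header(env)
  verdict = bad ? "403 Forbidden (#{bad} not in X-Forwarded-For)" : 'passed'
  puts "#{haproxy_option}: #{verdict}"
end
```

Logging the three forwarded headers as the application receives them on production is the quickest way to confirm whether this is the mismatch in a given deployment.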