When Mautic is deployed in a cloud environment, it is a common architectural pattern for the application server to be part of a backend or target group behind a load balancer. In the scenario of a multi-tenant Mautic setup where multiple instances are deployed with containers on each Docker host, each application instance sits behind a Traefik edge router as well. In networking terms, the edge router acts as a “reverse proxy” routing requests from the Docker host’s IP to the internal container IP of each app instance.
When Mautic is located behind one or more load balancers or reverse proxies like with the Autoize™ Marketing Automation Infrastructure, the actual visitor IP cannot be detected with the default configuration. The IP addresses recorded in Mautic’s contact records correspond to internal IPs such as 127.0.0.1, preventing the correct functioning of Mautic contact tracking.
In the Starter package, where the Docker server directly faces the Internet (without a load balancer), Traefik running in “host only” network mode is sufficient to work around this issue. For the Business package and above, the use of a cloud provider’s managed load balancer in conjunction with a reverse proxy requires that the Traefik edge router and the web server within the Mautic container both be configured to parse the PROXY protocol HTTP header.
Even though there are other methods such as using the X-Forwarded-For header to detect visitor IPs, the ideal solution is the PROXY protocol as it is supported as an industry-standard across load balancing services with various cloud providers and infrastructure software such as Traefik and Apache. For this reason, getting the visitor’s IP address from the PROXY protocol header works more consistently than relying on other HTTP headers.
If this sounds complicated to you, you can count on our architects to configure everything corresponding to the package and cloud provider that you select during the agency onboarding process. We will push the appropriate version of the container image into your Docker Hub account and build all the resources in your agency’s cloud account, giving you full ownership and control over your infrastructure.