Updated Password Resets outside local network (markdown)

Password-Resets-outside-local-network.md

@@ -1,16 +1,19 @@
-If you have Jellyfin set up to recognize connections from the LAN network, it will complain when a user tries to do a password reset remotely. If you're using a reverse proxy, Jellyfin knows the real IP of a user through the `X-Real-IP`/`Host` HTTP headers, which common proxy configs include. If you want to allow password resets for remote users, you can selectively not add this header to the specific routes necessary, which are `http://<jellyfin address>/Users/ForgotPassword` and `http://<jellyfin address>/Users/ForgotPassword/Pin`. This way Jellyfin will see the IP of the reverse proxy, which should be on your local network. If the proxy isn't on the same network, you could maybe hardcode `X-Real-IP`/`Host` to a local address.
+If you have Jellyfin set up to recognize connections from the LAN network, it will complain when a user tries to do a password reset remotely. If you're using a reverse proxy, Jellyfin knows the real IP of a user through the `X-Forwarded-For` HTTP header, which common proxy configs include. If you want to allow password resets for remote users, you can selectively override this with an IP address the Jellyfin sees as local for the necessary routes, which are `http://<jellyfin address>/Users/ForgotPassword` and `http://<jellyfin address>/Users/ForgotPassword/Pin`.
 
 ***Example NGINX config***
-```
+```nginx
     # add to your \`server {\` section
+
+    # rest of jellyfin config
+
     location /Users/ForgotPassword {
         proxy_pass http://<jellyfin address>/Users/ForgotPassword;
-        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-For <any local ip address>;
     }
 
     location /Users/ForgotPassword/Pin {
         proxy_pass http://<jellyfin address>/Users/ForgotPassword/Pin;
-        proxy_set_header Host $host;
+        proxy_set_header X-Forwarded-For <any local ip address>;
     }
 ```