If the HumHub application is working behind a reverse proxy (especially an SSL terminator), the reverse proxy must be marked as trusted host.
The following headers are only accepted by a trusted host:
The trusted host must be specified in the configuration file
An array key is an IPv4 or IPv6 IP address in CIDR notation for matching a client.
An array value is a list of headers to trust. These will be matched against $secureHeaders to determine which headers are allowed to be sent by a specified host. The case of the header names must be the same as specified in $secureHeaders.
You can find more information in the Yii2 documentation: https://www.yiiframework.com/doc/api/2.0/yii-web-request#$trustedHosts-detail
If the proxy also acts as a cache, it is important that query parameters are taken into account.
When static files are modified (e.g. during an upgrade), HumHub automatically adds a new query parameter value (cache bust).
The following paths can be cached:
Example NGINX caching snippet (incomplete):