Questions tagged [x-forwarded-for]

HTTP header field for identifying the origin IP address

The X-Forwarded-For HTTP header field is a de facto standard for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer. It is an HTTP request header that was introduced by the developers of the Squid caching proxy server. A standard has been proposed at the Internet Engineering Task Force (IETF) for standardising the Forwarded HTTP header.

70 questions
3 votes, 1 answer

Location based whitelisting of IP's on nginx webservers behind Elastic Load Balancer

I run nginx webservers behind an elastic load balancer in AWS. The real IP is got through X-Forwarded-For. The issue faced is how to use this to deny all and whitelist only specific sources for particular locations. Something like: location /test/…
3 votes, 1 answer

Amazon ELB not Passing "X-Forwarded-For" to IIS

ELB is set up to accept public HTTPS (443) connections and send them on as HTTP (80) to the EC2 instances. The EC2 instances run an IIS app that needs to know the user's IP address. According to everything I've read on this site and elsewhere, ELB is…
Chad Decker
3 votes, 3 answers

Varnish client.ip says 127.0.0.1

So I have a setup like Nginx -> varnish -> apache2. If I get a request with a static file it is sent through nginx to varnish and back to nginx again since it's a lot faster than letting apache2 serve it. My problem is that when I do a sub vcl_fetch…
Ronnie Jespersen
2 votes, 0 answers

Stop a user from circumventing IP block?

A user is somehow avoiding an IP block in apache 2.2/2.4, and I can not figure out how. The company I work for hosts hundreds of sites in different datacenters; this user is attacking several of the sites we host. Depending on the datacenter, the…
2 votes, 2 answers

Using Nginx real_ip when you don't know the intermediate proxy IP addresses

Nginx's real_ip module allows you to set the $remote_addr variable based on values sent in particular header fields. It has a special understanding of the X-Forwarded-For header, and is able to use the right-most untrusted value in the header as the…
2 votes, 1 answer

prevent X-Forwarded-For spoofing in haproxy

Yesterday we got hit by a DDoS attack reaching our webserver backends (apache2). The frontend consists of haproxy loadbalancing connections to the webservers. On access.log of apache we saw thousands of requests from two ips and after a couple of…
giomanda
2 votes, 0 answers

HAProxy, why would a replaced HTTP header have a number at the end?

Can someone explain what the "X-Forwarded-Proto2" header is in this HAProxy frontend stanza?: frontend main *:443 ... reqirep ^(X-Forwarded-Proto:)(.*) X-Forwarded-Proto2:\2 ... I understand that HAProxy is injecting a HTTP header. But why…
blindsnowmobile
2 votes, 0 answers

Apache proxy server not passing X-Forwarded-For

I am migrating some sites from one server to another. To avoid any downtime, I am proxying moved sites through the old server while the DNS updates. On the original (proxy) server, I have the following: Servername…
Zakalwe
2 votes, 1 answer

Apache HTTPD's remoteip not working

I've configured remoteip and checked that it's actually loaded. The remoteip.conf is loaded as well. I checked the latter by introducing a wrongly formatted IP in the following (correct) config: RemoteIPHeader X-Forwarded-For RemoteIPTrustedProxy…
hbogert
2 votes, 1 answer

Nginx running behind Varnish and x-forwarded-for, how do I fool nginx?

I have a setup where I'm looking at running nginx behind a varnish cache. I currently use apache instead of varnish and use x-forwarded-for to have apache tricked into thinking the remoteip is the client ip address and not the proxy address. I've…
Bryan McLemore
2 votes, 1 answer

Nginx not getting the real visitor IP in server block

I am using a loadbalancer in my current setup, requests come from ip 10.71.128.13. I am using Nginx as a front to a Gunicorn backend. I want to get the real IP address of the visitor and log it (not the loadbalancer IP). My nginx.conf: log_format …
Daniel Pilch
2 votes, 2 answers

Fail2ban and X-Forwarded

I am configuring fail2ban on my webservers. My webservers are behind ELB, so I configured X-forwarded to get the real IPs in Apache access logs. But unfortunately fail2ban is not able to scan access logs when x-forwarded is enabled in access logs. This is…
nitheeshp
2 votes, 2 answers

X-Forwarded-For not showing up in tomcat7 access log

I'm trying to print out the remote client IP on a tomcat running behind an ELB and for some reason it's not being printed out to the access log. My ELB configuration is: 80 -> 8080 443 -> 8080 Running tomcat7 and my host configuration on…
Amnon
1 vote, 0 answers

Does in-the-field experience suggest that a HTTP POST is more reliable than PUT and DELETE

I need to cross reference my experience with that of professionals, as I'm developing a REST application that can either Use on HTTP POST for all delete and create operations Or use HTTP DELETE and PUT for the same operations Is there any…
makerofthings7
1 vote, 0 answers

Correct log format dependent on route

I have a few virtual hosts running on a server, a couple are through a CDN and have X-Forward-For added to the headers, sometimes it just goes through a load balancer where RemoteIPHeader is added. I have 3 custom log configs: LogFormat "%h %l %u %t…
Rudiger