Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [x-forwarded-for]

HTTP header field for identifying the origin IP address

HTTP header field is a de facto standard for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer. This is an HTTP request header which was introduced by the Squid caching proxy server's developers. A standard has been proposed at the Internet Engineering Task Force (IETF) for standardising the Forwarded HTTP header.

70 questions
1
vote
0 answers

Apache 2.4 X-Forwarded-For for remoteip

I configured apache 2.4 with following file /etc/apache2/conf-available/remoteip.conf RemoteIPHeader X-Forwarded-For RemoteIPTrustedProxy 127.0.0.1 But It will not include header in tomcat. Tomcat server.xml
Gaurav Ashara
  • 111
  • 2
1
vote
0 answers

Restore original visitor IP for static site on AWS S3 using Cloudflare

I've a static site on S3, with cloudflare as my DNS provider. The server logs are collected in an S3 bucket. However the visitor IP address in the log files points to cloudflare servers instead of the real visitor IP. I know how to restore original…
user
  • 111
  • 5
1
vote
2 answers

Getting X-Forwarded behind AWS TCP Load Balancer for https

I have an AWS TCP load balancer on an autoscaling pool, There are multiple domains behind it so I can't do SSL termination on the load balancer, hence TCP. I've updating my logging format to log the X-Forwarded-For and this works well for HTTP…
Rudiger
  • 181
  • 13
1
vote
2 answers

Logging original requestor IP instead of forward proxy IP for certain HTTP requests (nginx logs)

I use nginx as a reverse proxy in front of our application web server (gunicorn; it's a Django app). Majority of the users hitting this web application are actually routed through a forward proxy. Since requests pass through the forward proxy's…
Hassan Baig
  • 2,033
  • 11
  • 27
  • 47
1
vote
1 answer

X-forwarded-for NULL in Tomcat

We are injecting the x-forwarded-for header in the loadbalancer, which sends the request to apache web server, which inturn proxys (mod_proxy_balancer) the request to the backend tomcat server. we are seeing the client IP in 'x-forwarded-for' header…
akay
  • 53
  • 1
  • 5
1
vote
1 answer

Get client IP with Header add in Apache2

I am attempting to get the client IP in a HTTP header. I have seen a lot of references to getting this in Logs however i dont know how this translates to passing it as a header. I was going to use header add like below but dont know how to refer to…
EamonnMcElroy
  • 11
  • 1
  • 2
1
vote
1 answer

IIS server farm with ARR: Why does HTTP_X_FORWARDED_FOR have a port number?

I've got a server farm set up in IIS 8.5. When I inspect the HTTP_X_FORWARDED_FOR header in my application code, it gives me the correct IP address but it contains a colon and a port number. E.g. HTTP_X_FORWARDED_FOR 127.0.0.1:64031 I know that…
theyetiman
  • 111
  • 5
1
vote
1 answer

Allowing multiple IPs behind ELB in Apache configuration

I have multiple application servers running as EC2 instances. Only certain bare-metal servers running elsewhere are allowed to contact them and their IPs whitelisted explicitly in the httpd.conf @the application servers. I want to move the…
silvester anfang
  • 11
  • 1
1
vote
1 answer

apache forward REMOTE_USER to X-Forwarded-User

I would like to pass the environment variable REMOTE_USER set by apache when HTTP basic authentication is correct to a backend. This would provide authentication to the backend server as well. Here is my apache2 configuration file:
philippe
  • 2,131
  • 4
  • 30
  • 53
1
vote
2 answers

Squid: disable X-Forwarded-For, but only for specific ACLs

I know, that I can turn off X-Forwarded-For header in Squid completley by using directive "forwarded_for off" or "forwarded_for delete" globally. I would like to be able to disable that header only for specific ACLs, so I can disable this header…
dotz
  • 113
  • 1
  • 3
1
vote
1 answer

Logging X-Forwarded-For IP in Shibboleth's Audit Logs

This is a follow up from my earlier question on capturing the X-Forwarded-For IP address in across multiple proxies. Now, I'm looking to capture the Client's IP in the application's (Shibboleth's IdP) logs. The follow is: Client > Load Balancer >…
KM.
  • 1,746
  • 2
  • 18
  • 31
1
vote
1 answer

How to inspect load balancer L7 Injected Headers

There is a hardware LB redirecting http to an Nginx SSL Offloader listening only at 443. I have no access to the LB, but I need to verify if it is injecting the X-Forwarded-For header. Why? I'm trying to log the client IP with http { log_format …
Eric Fortis
  • 378
  • 2
  • 6
1
vote
0 answers

ELB allows unencrypted/http communication on port 443?

I was testing a configuration of AWS ELB to use for SSL termination when I came across an intermittent issue... Ocasionally, you can specify HTTP with port 443 (http://...:443) and ELB will pass the X-Forwarded-Proto as HTTPS (even though it is an…
CarpeNoctumDC
  • 111
  • 3
1
vote
1 answer

On a shared public Internet connection, is there a way to identify outgoing network connections to assist with abuse claims?

I assist in running a public WiFi network, and we assign each user an internal IP address on the 10.0.0.0/8 subnet. We sometimes get emails about abuse of network services, but because of the nature of NAT we're never able to figure out what user…
ianweller
  • 156
  • 5
1
vote
1 answer

Haproxy Incoming X-Forwarded-For Header into Outgoing X-Forwarded-For

Is there any way that I can use Haproxy's ability to modify headers so that if the incoming connection has an X-Forwarded-For header for example I can then take the contents of this and add it into Haproxy's X-Forwarded-For record? My Current…
Chris
  • 1,269
  • 2
  • 17
  • 34
1 2
3
4 5