Questions tagged [x-forwarded-for]
HTTP header field for identifying the origin IP address
70
questions
14
votes
1
answer
23k
views
How to log original value of $remote_addr when using Real-IP
My environment has user requests passing through a number of systems:
[Client] --> [ELB] ---> [nginx] --> [web]
(ELB = AWS Elastic Load Balancer)
Thanks to this answer, I have nginx determining and ...
10
votes
2
answers
32k
views
Apache mod_remoteip and access logs
Since Apache 2.4 I've started using mod_remoteip instead of mod_extract_forwarded for rewriting client address from x-forwarded-for provided by frontend servers (varnish, squid, apache etc).
So far ...
8
votes
1
answer
14k
views
Possible to log X-FORWARDED-FOR to nginx error_log?
Nginx allows custom log formats for access logs -- right now I'm logging http_x_forwarded_for and it's working fine.
The problem is my error log only shows the LB IP. After Googling and reading ...
8
votes
3
answers
61k
views
Forwarding real remote IP to proxied server with nginx
To hide my website IP I proxied the main server with nginx on another VPS. I am trying to send the visitor real IP to my website and here is my config in conf.d folder:
proxy_cache_path /etc/nginx/...
8
votes
2
answers
12k
views
Nginx clear X-Forwarded-For before setting
What can I use in the nginx config to make it clear any existing X-Forwarded-For headers before setting its own? I am currently using Nginx to terminate SSL before passing traffic to HAProxy to load ...
7
votes
3
answers
18k
views
Overriding the X-Forwarded-For header in haproxy?
In my HAProxy load balancer, I have the following config chunks:
defaults
mode http
log global
option httplog clf
option ...
7
votes
3
answers
8k
views
F5 Big-IP, X-Forwarded-For and IIS Logs
I've got an F5 Big-IP that is mangaged by our hosting provider. It's dedicated to our private VLAN, etc. Works great :)
We requested them to add in an X-Forwarded-For HTTP-Header field. They've done ...
7
votes
3
answers
9k
views
How to best configure IIS7 logging to capture "HTTP_X_FORWARDED_FOR" header
We have IIS7 servers sitting behind an nginx reverse proxy.
The reverse proxy is sending the standard "HTTP_X_FORWARDED_FOR" header with the visitor IP address, but IIS7 logging is only logging the ...
7
votes
1
answer
19k
views
Add haproxy X-Forwarded-Host request header
I have a Haproxy instance that rewrites Host headers to internal ones using http-request set-header.
http-request set-header Host internal.example
However, I'd still like backends to have access to ...
6
votes
2
answers
6k
views
Private address space IP found in X-Forwarded-For
I'm reverse proxying with nginx behind Google Cloud (HTTPS) Load Balancer, so I add the X-Forwarded-For header so that the backend can extract the client (browser) IP.
This morning I noticed a 10.x....
6
votes
2
answers
7k
views
mod_evasive behind HAPROXY
I have a couple of Apache 2 machines behind an HAPROXY setup, I tried to setup mod_evasive on those Apache machine while also using mod_rpaf to get the real X-FORWARDED client ip.
For some reason, ...
4
votes
1
answer
5k
views
is there a standard for chaining x-forwarded-for headers?
IETF RFC 2616 Section 4.2 allows a request to contain multiple headers with the same field-name as long as chronological order of insertion is preserved and their values can be converted into single ...
3
votes
1
answer
4k
views
Apache HTTPD's remoteip not working
I've configured remoteip and checked that it's actually loaded. The remoteip.conf is loaded as well. I checked the latter by introducing a wrongly formatted IP in the following (correct) config:
...
3
votes
1
answer
6k
views
Amazon ELB not Passing "X-Forwarded-For" to IIS
ELB is setup to accept public HTTPS (443) connections and send them on as HTTP (80) to the EC2 instances.
The EC2 instances run an IIS app that needs to know the user's IP address. According to ...
3
votes
3
answers
6k
views
Varnish client.ip says 127.0.0.1
So I have a setup like Nginx -> varnish -> apache2
If I get a request with a static file it is sent through nginx to varnish and back to nginx again since its a lot faster than letting apache2 server ...
3
votes
1
answer
2k
views
Configuring nginx to log original requestor IP (instead of IP of forward proxy)
On an nginx-enabled website I maintain, some visitors are behind a certain forward proxy. Since requests pass through the proxy's servers, the HTTP Request IP address in these cases is always from ...
3
votes
1
answer
3k
views
Location based whitelisting of IP's on nginx webservers behind Elastic Load Balancer
I run nginx webservers behind an elastic load balancer in AWS.
The real IP is got through X-Forwarded-For.
The issue faced is how to use this to deny all and whitelist only specific sources for ...
3
votes
1
answer
2k
views
Pass Client IP from AWS ELB to HA Proxy
We have a issue in our application where the client IP is not getting passed to the App servers in the following setup.
USER---------> AWS ELB -----------> HAPROXY -----------> Application server(...
3
votes
1
answer
4k
views
Check Varnish ACL via X-Forwarded-For when behind one or more(!) reverse proxies
I have Varnish running behind a reverse proxy (running on localhost, for SSL offloading). The proxy sets the X-Forwarded-For header or adds itself to it if the header already exists.
When I do ACL ...
2
votes
1
answer
4k
views
prevent X-Forwarded-For spoofing in haproxy
Yesterday we got hit by a DDoS attack reaching our webserver backends (apache2). The frontend consists of haproxy loadbalancing connections to the webservers. On access.log of apache we saw thousands ...
2
votes
1
answer
3k
views
Nginx running behind Varnish and x-forwarded-for, how do I fool nginx?
I have a setup where I'm looking at running nginx behind a varnish cache. I currently use apache instead of varnish and use x-forwarded-for to have apache tricked into thinking the remoteip is the ...
2
votes
2
answers
10k
views
X-Forwarded-For not showing up in tomcat7 access log
I'm trying to print out the remote client IP on a tomcat running behind an ELB and for some reason it's not being printed out to the access log.
my elb configuartion is :
80 -> 8080
443 -> 8080
...
2
votes
2
answers
2k
views
Fail2ban and X-Forwarded
I am configuring fail2ban on my webservers. My Webservers are behind ELB. so I configured X-forwarded to get the real IP's in Apache Access logs.But unfortunately fail2ban not able scan accesslogs ...
2
votes
2
answers
2k
views
Using Nginx real_ip when you don't know the intermediate proxy IP addresses
Nginx's real_ip module allows you to set the $remote_addr variable based on values sent in particular header fields. It has a special understanding of the X-Forwarded-For header, and is able to use ...
2
votes
0
answers
185
views
Stop a user from circumventing IP block?
A user is somehow avoiding an IP block in apache 2.2/2.4, and I can not figure out how. The company I work for hosts hundreds of sites in different datacenters; this user is attacking several of the ...
2
votes
0
answers
225
views
HAProxy, why would a replaced HTTP header have a number at the end?
Can someone explain what the "X-Forwarded-Proto2" header is in this HAProxy frontend stanza?:
frontend main *:443
...
reqirep ^(X-Forwarded-Proto:)(.*) X-Forwarded-Proto2:\2
...
I understand ...
2
votes
0
answers
8k
views
Apache proxy server not passing X-Forwarded-For
I am migrating some sites from one server to another. To avoid any downtime, I am proxying moved sites through the old server while the DNS updates.
On the original (proxy) server, I have the ...
2
votes
1
answer
1k
views
Nginx not getting the real visitor IP in server block
I am using a loadbalancer in my current setup, requests come from ip 10.71.128.13.
I am using Nginx as a front to a Gunicorn backend. I want to get the real IP address of the visitor and log it (not ...
1
vote
1
answer
3k
views
IIS server farm with ARR: Why does HTTP_X_FORWARDED_FOR have a port number?
I've got a server farm set up in IIS 8.5. When I inspect the HTTP_X_FORWARDED_FOR header in my application code, it gives me the correct IP address but it contains a colon and a port number.
E.g.
...
1
vote
1
answer
3k
views
Haproxy Incoming X-Forwarded-For Header into Outgoing X-Forwarded-For
Is there any way that I can use Haproxy's ability to modify headers so that if the incoming connection has an X-Forwarded-For header for example I can then take the contents of this and add it into ...
1
vote
2
answers
3k
views
Logging original requestor IP instead of forward proxy IP for certain HTTP requests (nginx logs)
I use nginx as a reverse proxy in front of our application web server (gunicorn; it's a Django app). Majority of the users hitting this web application are actually routed through a forward proxy.
...
1
vote
1
answer
97
views
On a shared public Internet connection, is there a way to identify outgoing network connections to assist with abuse claims?
I assist in running a public WiFi network, and we assign each user an internal IP address on the 10.0.0.0/8 subnet. We sometimes get emails about abuse of network services, but because of the nature ...
1
vote
2
answers
3k
views
Getting X-Forwarded behind AWS TCP Load Balancer for https
I have an AWS TCP load balancer on an autoscaling pool, There are multiple domains behind it so I can't do SSL termination on the load balancer, hence TCP.
I've updating my logging format to log the ...
1
vote
1
answer
3k
views
Is there a local "firewall" to block by "X-Forwarded-For" IPs behind the reverse proxies?
The situation is quite typical. I'm using CentOS + Apache(s) behind a Load-balancer for the WebSites.
At this point, let's assume i don't have any access to the Load-balancer (or) let's forget about ...
1
vote
1
answer
441
views
How to inspect load balancer L7 Injected Headers
There is a hardware LB redirecting http to an Nginx SSL Offloader listening only at 443. I have no access to the LB, but I need to verify if it is injecting the X-Forwarded-For header.
Why? I'm ...
1
vote
3
answers
4k
views
OpenSource (Layer 4) Load Balancer that can pass through original client IP?
I am setting up a web application which uses SSL for all requests. It needs to have room for scaling and also be highly available. It seems that the "recommended" way to handle this is to setup a pair ...
1
vote
1
answer
1k
views
Show upstream Cloudflare server IP after enabled nginx / set_real_ip_from
I've followed cloudflare doc [1] that enabled set_real_ip_from in order to show original client's IP
My log format is
log_format main '$remote_addr $http_cf_connecting_ip $http_x_forwarded_for
...
1
vote
1
answer
11k
views
Get client IP with Header add in Apache2
I am attempting to get the client IP in a HTTP header. I have seen a lot of references to getting this in Logs however i dont know how this translates to passing it as a header. I was going to use ...
1
vote
1
answer
10k
views
apache forward REMOTE_USER to X-Forwarded-User
I would like to pass the environment variable REMOTE_USER set by apache when HTTP basic authentication is correct to a backend. This would provide authentication to the backend server as well.
Here ...
1
vote
1
answer
6k
views
Logging X-Forwarded-For IP in Shibboleth's Audit Logs
This is a follow up from my earlier question on capturing the X-Forwarded-For IP address in across multiple proxies. Now, I'm looking to capture the Client's IP in the application's (Shibboleth's IdP) ...
1
vote
0
answers
640
views
Apache's remoteip module does not populate the client_ip
In an intranet environment, I have a relatively involved scenario, all on the same server:
IIS server acting as a reverse proxy listening on 443
forwards matching requests to localhost:1080/redmine
...
1
vote
0
answers
170
views
"proxy_set_header Upgrade" causes "real_ip_header" not working
nginx config:
map $http_upgrade $connection_upgrade {
default keep-alive;
'websocket' upgrade;
}
set_real_ip_from 127.0.0.1;
set_real_ip_from 192.168.203.1;
real_ip_recursive on;
real_ip_header X-...
1
vote
1
answer
3k
views
Apache won't record X-Forwarded-For
I am trying to record the a client ip stored in the X-Forwarded-For http header in the Apache access logs but having no luck and have been pulling my hair out for hours. I've tried a ton of different ...
1
vote
0
answers
28
views
Does in-the-field experience suggest that a HTTP POST is more reliable than PUT and DELETE
I need to cross reference my experience with that of professionals, as I'm developing a REST application that can either
Use on HTTP POST for all delete and create operations
Or use HTTP DELETE and ...
1
vote
0
answers
225
views
Correct log format dependent on route
I have a few virtual hosts running on a server, a couple are through a CDN and have X-Forward-For added to the headesr, sometimes it just goes through a load balancer where RemoteIPHeader is added.
I ...
1
vote
0
answers
2k
views
Apache 2.4 X-Forwarded-For for remoteip
I configured apache 2.4 with following file
/etc/apache2/conf-available/remoteip.conf
RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy 127.0.0.1
But It will not include header in tomcat.
...
1
vote
0
answers
242
views
Restore original visitor IP for static site on AWS S3 using Cloudflare
I've a static site on S3, with cloudflare as my DNS provider. The server logs are collected in an S3 bucket. However the visitor IP address in the log files points to cloudflare servers instead of the ...
1
vote
1
answer
709
views
Allowing multiple IPs behind ELB in Apache configuration
I have multiple application servers running as EC2 instances. Only certain bare-metal servers running elsewhere are allowed to contact them and their IPs whitelisted explicitly in the httpd.conf @the ...
1
vote
0
answers
422
views
ELB allows unencrypted/http communication on port 443?
I was testing a configuration of AWS ELB to use for SSL termination when I came across an intermittent issue...
Ocasionally, you can specify HTTP with port 443 (http://...:443) and ELB will pass ...
1
vote
1
answer
2k
views
X-forwarded-for NULL in Tomcat
We are injecting the x-forwarded-for header in the loadbalancer, which sends the request to apache web server, which inturn proxys (mod_proxy_balancer) the request to the backend tomcat server.
we are ...