Skip to main content

Questions tagged [x-forwarded-for]

HTTP header field for identifying the origin IP address

Filter by
Sorted by
Tagged with
14 votes
1 answer
23k views

How to log original value of $remote_addr when using Real-IP

My environment has user requests passing through a number of systems: [Client] --> [ELB] ---> [nginx] --> [web] (ELB = AWS Elastic Load Balancer) Thanks to this answer, I have nginx determining and ...
michaelg's user avatar
  • 260
10 votes
2 answers
32k views

Apache mod_remoteip and access logs

Since Apache 2.4 I've started using mod_remoteip instead of mod_extract_forwarded for rewriting client address from x-forwarded-for provided by frontend servers (varnish, squid, apache etc). So far ...
GioMac's user avatar
  • 4,654
8 votes
1 answer
14k views

Possible to log X-FORWARDED-FOR to nginx error_log?

Nginx allows custom log formats for access logs -- right now I'm logging http_x_forwarded_for and it's working fine. The problem is my error log only shows the LB IP. After Googling and reading ...
skrewler's user avatar
  • 318
8 votes
3 answers
61k views

Forwarding real remote IP to proxied server with nginx

To hide my website IP I proxied the main server with nginx on another VPS. I am trying to send the visitor real IP to my website and here is my config in conf.d folder: proxy_cache_path /etc/nginx/...
Amin's user avatar
  • 99
8 votes
2 answers
12k views

Nginx clear X-Forwarded-For before setting

What can I use in the nginx config to make it clear any existing X-Forwarded-For headers before setting its own? I am currently using Nginx to terminate SSL before passing traffic to HAProxy to load ...
sidprak's user avatar
  • 400
7 votes
3 answers
18k views

Overriding the X-Forwarded-For header in haproxy?

In my HAProxy load balancer, I have the following config chunks: defaults mode http log global option httplog clf option ...
Evan's user avatar
  • 497
7 votes
3 answers
8k views

F5 Big-IP, X-Forwarded-For and IIS Logs

I've got an F5 Big-IP that is mangaged by our hosting provider. It's dedicated to our private VLAN, etc. Works great :) We requested them to add in an X-Forwarded-For HTTP-Header field. They've done ...
Pure.Krome's user avatar
  • 6,628
7 votes
3 answers
9k views

How to best configure IIS7 logging to capture "HTTP_X_FORWARDED_FOR" header

We have IIS7 servers sitting behind an nginx reverse proxy. The reverse proxy is sending the standard "HTTP_X_FORWARDED_FOR" header with the visitor IP address, but IIS7 logging is only logging the ...
zeroasterisk's user avatar
7 votes
1 answer
19k views

Add haproxy X-Forwarded-Host request header

I have a Haproxy instance that rewrites Host headers to internal ones using http-request set-header. http-request set-header Host internal.example However, I'd still like backends to have access to ...
steveh7's user avatar
  • 163
6 votes
2 answers
6k views

Private address space IP found in X-Forwarded-For

I'm reverse proxying with nginx behind Google Cloud (HTTPS) Load Balancer, so I add the X-Forwarded-For header so that the backend can extract the client (browser) IP. This morning I noticed a 10.x....
Rhangaun's user avatar
  • 199
6 votes
2 answers
7k views

mod_evasive behind HAPROXY

I have a couple of Apache 2 machines behind an HAPROXY setup, I tried to setup mod_evasive on those Apache machine while also using mod_rpaf to get the real X-FORWARDED client ip. For some reason, ...
Elad Meidar's user avatar
4 votes
1 answer
5k views

is there a standard for chaining x-forwarded-for headers?

IETF RFC 2616 Section 4.2 allows a request to contain multiple headers with the same field-name as long as chronological order of insertion is preserved and their values can be converted into single ...
BaltoStar's user avatar
  • 207
3 votes
1 answer
4k views

Apache HTTPD's remoteip not working

I've configured remoteip and checked that it's actually loaded. The remoteip.conf is loaded as well. I checked the latter by introducing a wrongly formatted IP in the following (correct) config: ...
hbogert's user avatar
  • 440
3 votes
1 answer
6k views

Amazon ELB not Passing "X-Forwarded-For" to IIS

ELB is setup to accept public HTTPS (443) connections and send them on as HTTP (80) to the EC2 instances. The EC2 instances run an IIS app that needs to know the user's IP address. According to ...
Chad Decker's user avatar
3 votes
3 answers
6k views

Varnish client.ip says 127.0.0.1

So I have a setup like Nginx -> varnish -> apache2 If I get a request with a static file it is sent through nginx to varnish and back to nginx again since its a lot faster than letting apache2 server ...
Ronnie Jespersen's user avatar
3 votes
1 answer
2k views

Configuring nginx to log original requestor IP (instead of IP of forward proxy)

On an nginx-enabled website I maintain, some visitors are behind a certain forward proxy. Since requests pass through the proxy's servers, the HTTP Request IP address in these cases is always from ...
Hassan Baig's user avatar
  • 2,615
3 votes
1 answer
3k views

Location based whitelisting of IP's on nginx webservers behind Elastic Load Balancer

I run nginx webservers behind an elastic load balancer in AWS. The real IP is got through X-Forwarded-For. The issue faced is how to use this to deny all and whitelist only specific sources for ...
linuxtester's user avatar
3 votes
1 answer
2k views

Pass Client IP from AWS ELB to HA Proxy

We have a issue in our application where the client IP is not getting passed to the App servers in the following setup. USER---------> AWS ELB -----------> HAPROXY -----------> Application server(...
Udith Nalaka's user avatar
3 votes
1 answer
4k views

Check Varnish ACL via X-Forwarded-For when behind one or more(!) reverse proxies

I have Varnish running behind a reverse proxy (running on localhost, for SSL offloading). The proxy sets the X-Forwarded-For header or adds itself to it if the header already exists. When I do ACL ...
Martijn Heemels's user avatar
2 votes
1 answer
4k views

prevent X-Forwarded-For spoofing in haproxy

Yesterday we got hit by a DDoS attack reaching our webserver backends (apache2). The frontend consists of haproxy loadbalancing connections to the webservers. On access.log of apache we saw thousands ...
giomanda's user avatar
  • 1,894
2 votes
1 answer
3k views

Nginx running behind Varnish and x-forwarded-for, how do I fool nginx?

I have a setup where I'm looking at running nginx behind a varnish cache. I currently use apache instead of varnish and use x-forwarded-for to have apache tricked into thinking the remoteip is the ...
user avatar
2 votes
2 answers
10k views

X-Forwarded-For not showing up in tomcat7 access log

I'm trying to print out the remote client IP on a tomcat running behind an ELB and for some reason it's not being printed out to the access log. my elb configuartion is : 80 -> 8080 443 -> 8080 ...
Amnon's user avatar
  • 121
2 votes
2 answers
2k views

Fail2ban and X-Forwarded

I am configuring fail2ban on my webservers. My Webservers are behind ELB. so I configured X-forwarded to get the real IP's in Apache Access logs.But unfortunately fail2ban not able scan accesslogs ...
nitheeshp's user avatar
2 votes
2 answers
2k views

Using Nginx real_ip when you don't know the intermediate proxy IP addresses

Nginx's real_ip module allows you to set the $remote_addr variable based on values sent in particular header fields. It has a special understanding of the X-Forwarded-For header, and is able to use ...
Daniel Compton's user avatar
2 votes
0 answers
185 views

Stop a user from circumventing IP block?

A user is somehow avoiding an IP block in apache 2.2/2.4, and I can not figure out how. The company I work for hosts hundreds of sites in different datacenters; this user is attacking several of the ...
suhmedoh's user avatar
2 votes
0 answers
225 views

HAProxy, why would a replaced HTTP header have a number at the end?

Can someone explain what the "X-Forwarded-Proto2" header is in this HAProxy frontend stanza?: frontend main *:443 ... reqirep ^(X-Forwarded-Proto:)(.*) X-Forwarded-Proto2:\2 ... I understand ...
blindsnowmobile's user avatar
2 votes
0 answers
8k views

Apache proxy server not passing X-Forwarded-For

I am migrating some sites from one server to another. To avoid any downtime, I am proxying moved sites through the old server while the DNS updates. On the original (proxy) server, I have the ...
Zakalwe's user avatar
  • 153
2 votes
1 answer
1k views

Nginx not getting the real visitor IP in server block

I am using a loadbalancer in my current setup, requests come from ip 10.71.128.13. I am using Nginx as a front to a Gunicorn backend. I want to get the real IP address of the visitor and log it (not ...
Daniel Pilch's user avatar
1 vote
1 answer
3k views

IIS server farm with ARR: Why does HTTP_X_FORWARDED_FOR have a port number?

I've got a server farm set up in IIS 8.5. When I inspect the HTTP_X_FORWARDED_FOR header in my application code, it gives me the correct IP address but it contains a colon and a port number. E.g. ...
theyetiman's user avatar
1 vote
1 answer
3k views

Haproxy Incoming X-Forwarded-For Header into Outgoing X-Forwarded-For

Is there any way that I can use Haproxy's ability to modify headers so that if the incoming connection has an X-Forwarded-For header for example I can then take the contents of this and add it into ...
Chris's user avatar
  • 1,289
1 vote
2 answers
3k views

Logging original requestor IP instead of forward proxy IP for certain HTTP requests (nginx logs)

I use nginx as a reverse proxy in front of our application web server (gunicorn; it's a Django app). Majority of the users hitting this web application are actually routed through a forward proxy. ...
Hassan Baig's user avatar
  • 2,615
1 vote
1 answer
97 views

On a shared public Internet connection, is there a way to identify outgoing network connections to assist with abuse claims?

I assist in running a public WiFi network, and we assign each user an internal IP address on the 10.0.0.0/8 subnet. We sometimes get emails about abuse of network services, but because of the nature ...
ianweller's user avatar
  • 156
1 vote
2 answers
3k views

Getting X-Forwarded behind AWS TCP Load Balancer for https

I have an AWS TCP load balancer on an autoscaling pool, There are multiple domains behind it so I can't do SSL termination on the load balancer, hence TCP. I've updating my logging format to log the ...
Rudiger's user avatar
  • 191
1 vote
1 answer
3k views

Is there a local "firewall" to block by "X-Forwarded-For" IPs behind the reverse proxies?

The situation is quite typical. I'm using CentOS + Apache(s) behind a Load-balancer for the WebSites. At this point, let's assume i don't have any access to the Load-balancer (or) let's forget about ...
夏期劇場's user avatar
1 vote
1 answer
441 views

How to inspect load balancer L7 Injected Headers

There is a hardware LB redirecting http to an Nginx SSL Offloader listening only at 443. I have no access to the LB, but I need to verify if it is injecting the X-Forwarded-For header. Why? I'm ...
Eric Fortis's user avatar
1 vote
3 answers
4k views

OpenSource (Layer 4) Load Balancer that can pass through original client IP?

I am setting up a web application which uses SSL for all requests. It needs to have room for scaling and also be highly available. It seems that the "recommended" way to handle this is to setup a pair ...
phylae's user avatar
  • 327
1 vote
1 answer
1k views

Show upstream Cloudflare server IP after enabled nginx / set_real_ip_from

I've followed cloudflare doc [1] that enabled set_real_ip_from in order to show original client's IP My log format is log_format main '$remote_addr $http_cf_connecting_ip $http_x_forwarded_for ...
Ryan's user avatar
  • 6,101
1 vote
1 answer
11k views

Get client IP with Header add in Apache2

I am attempting to get the client IP in a HTTP header. I have seen a lot of references to getting this in Logs however i dont know how this translates to passing it as a header. I was going to use ...
EamonnMcElroy's user avatar
1 vote
1 answer
10k views

apache forward REMOTE_USER to X-Forwarded-User

I would like to pass the environment variable REMOTE_USER set by apache when HTTP basic authentication is correct to a backend. This would provide authentication to the backend server as well. Here ...
philippe's user avatar
  • 2,433
1 vote
1 answer
6k views

Logging X-Forwarded-For IP in Shibboleth's Audit Logs

This is a follow up from my earlier question on capturing the X-Forwarded-For IP address in across multiple proxies. Now, I'm looking to capture the Client's IP in the application's (Shibboleth's IdP) ...
KM.'s user avatar
  • 1,816
1 vote
0 answers
640 views

Apache's remoteip module does not populate the client_ip

In an intranet environment, I have a relatively involved scenario, all on the same server: IIS server acting as a reverse proxy listening on 443 forwards matching requests to localhost:1080/redmine ...
jfix's user avatar
  • 211
1 vote
0 answers
170 views

"proxy_set_header Upgrade" causes "real_ip_header" not working

nginx config: map $http_upgrade $connection_upgrade { default keep-alive; 'websocket' upgrade; } set_real_ip_from 127.0.0.1; set_real_ip_from 192.168.203.1; real_ip_recursive on; real_ip_header X-...
duiduidui's user avatar
1 vote
1 answer
3k views

Apache won't record X-Forwarded-For

I am trying to record the a client ip stored in the X-Forwarded-For http header in the Apache access logs but having no luck and have been pulling my hair out for hours. I've tried a ton of different ...
Brad's user avatar
  • 619
1 vote
0 answers
28 views

Does in-the-field experience suggest that a HTTP POST is more reliable than PUT and DELETE

I need to cross reference my experience with that of professionals, as I'm developing a REST application that can either Use on HTTP POST for all delete and create operations Or use HTTP DELETE and ...
makerofthings7's user avatar
1 vote
0 answers
225 views

Correct log format dependent on route

I have a few virtual hosts running on a server, a couple are through a CDN and have X-Forward-For added to the headesr, sometimes it just goes through a load balancer where RemoteIPHeader is added. I ...
Rudiger's user avatar
  • 191
1 vote
0 answers
2k views

Apache 2.4 X-Forwarded-For for remoteip

I configured apache 2.4 with following file /etc/apache2/conf-available/remoteip.conf RemoteIPHeader X-Forwarded-For RemoteIPTrustedProxy 127.0.0.1 But It will not include header in tomcat. ...
Gaurav Ashara's user avatar
1 vote
0 answers
242 views

Restore original visitor IP for static site on AWS S3 using Cloudflare

I've a static site on S3, with cloudflare as my DNS provider. The server logs are collected in an S3 bucket. However the visitor IP address in the log files points to cloudflare servers instead of the ...
user's user avatar
  • 111
1 vote
1 answer
709 views

Allowing multiple IPs behind ELB in Apache configuration

I have multiple application servers running as EC2 instances. Only certain bare-metal servers running elsewhere are allowed to contact them and their IPs whitelisted explicitly in the httpd.conf @the ...
silvester anfang's user avatar
1 vote
0 answers
422 views

ELB allows unencrypted/http communication on port 443?

I was testing a configuration of AWS ELB to use for SSL termination when I came across an intermittent issue... Ocasionally, you can specify HTTP with port 443 (http://...:443) and ELB will pass ...
CarpeNoctumDC's user avatar
1 vote
1 answer
2k views

X-forwarded-for NULL in Tomcat

We are injecting the x-forwarded-for header in the loadbalancer, which sends the request to apache web server, which inturn proxys (mod_proxy_balancer) the request to the backend tomcat server. we are ...
akay's user avatar
  • 53