Page 1 of 1
x-forwarded-for headers for load balancers with dynamic ips
Posted: 21 Mar 2014, 19:14
by devtastic
Does CSF support the x-forwarded-for header? Currently csf blocks our load balancers that are served from a dynamic pool of servers. Is there a way to enable support for this header or a change to the firwall configuration that would allow us to use csf on a load balancers with dynamic IPs?
Re: x-forwarded-for headers for load balancers with dynamic
Posted: 25 May 2014, 14:24
by workhorse
I have the same question if anyone knows...
Re: x-forwarded-for headers for load balancers with dynamic ips
Posted: 04 Aug 2015, 10:27
by bouvrie
This question is somewhat related to one from
dec 2014. I too am looking for a way to further check the X-Forwarded-For header's IP address, in my case especially when the Remote_Addr's IP address is whitelisted already.
Is there any way to inspect the X-Forwarded-For header (or alternatives, like CF uses True-Client-IP, CF-Connecting-IP next to X-Forwarded-For) for blocking? Or does/did this bring a vulnerability of maliciously blocking IP addresses by spoofing X-Forwarded-For headers (like
viewtopic.php?f=6&t=6686&p=20038 seems to describe)?