Hi, Haroon I read http://en.wikipedia.org/wiki/X-Forwarded-For yesterday and I did not see Apache listed there. I saw squid, bluecoat, etc. listed there so I was thinking to test squid with the feature. What is your suggestion? Thanks. Ryan -----Original Message----- From: Haroon Rafique [mailto:haroon.rafique@xxxxxxxxxxx] Sent: Tuesday, December 01, 2009 10:23 AM To: users@xxxxxxxxxxxxxxxx Subject: RE: Passing remote client IP address to backend server and session stickness On Today at 10:09am, RJ=>Ruiyuan Jiang <Ruiyuan_Jiang@xxxxxxx> wrote: RJ> Hi, Haroon RJ> RJ> I see that also but I don't know how to use them. I put the statement RJ> into my vhost of Apache reverse proxy and the apache complaining they RJ> are wrong statement, etc. RJ> Hi Ryan, X-Forwarded-For is not a statement that goes inside the httpd.conf. The documentation page is just telling you that these headers are already available to you, if you are using reverse-proxy. RJ> RJ> <virtualhost> RJ> RJ> ... RJ> Proxyrequst off RJ> ..... RJ> X-Forwarded-For RJ> .... RJ> </virtualhost> RJ> So, don't put the X-Forwarded-For statement there. RJ> RJ> Is above the correct way to use it? I am not much care about the RJ> remote IP being logged in the Apache log but I am care about the RJ> remote client IP being forwarded to the backend server since our RJ> backend server will decide what to do based on the remote client IP. RJ> Thanks. RJ> For the backend server to be able to "see" the remote client IP, as if it was the real client IP, your application will have to be aware of the X-Forwarded-For. Depending on what technology you are using on the backend, the answer may be different about how to make your backend be aware of X-Forwarded-For header. Regardless of the technology, you probably should read up on the XFF entry at wikipedia: http://en.wikipedia.org/wiki/X-Forwarded-For And again, regardless of the tech, the HTTP request will contain the X-Forwarded-For header. On my java projects, I use xebia-france XForwardedFilter at: http://code.google.com/p/xebia-france/wiki/XForwardedFilter YMMV, RJ> RJ> Ryan RJ> Cheers, -- Haroon Rafique <haroon.rafique@xxxxxxxxxxx> --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx This message (including any attachments) is intended solely for the specific individual(s) or entity(ies) named above, and may contain legally privileged and confidential information. If you are not the intended recipient, please notify the sender immediately by replying to this message and then delete it. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, by other than the intended recipient, is strictly prohibited. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|