Search squid archive

X_FORWARDED_FOR, squid and apache cheating

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

This is my current setup in using squid3 as reverse proxy:

browser (e.g. 202.182.201.3) <----> squid3 stable6 <----> apache 1.3.37 (PHP)

My PHP will get the user IP by HTTP_X_FORWARDED_FOR ENV variable.
(setting squid.conf: forwarded_for on)

There are 2 cases:

1. Normal case, my program can get the real IP of "202.182.201.3"
2. Cheating case, if user send a request already contains header of
"X_FORWARDED_FOR",
my program will be cheated by the client and the IP can be any
specified by client.


Now, my idea is to block the request header, e.g.

request_header_access X_FORWARDED_FOR deny all

But it end up with:  parse_http_header_access: unknown header name
'X_FORWARDED_FOR'


So any idea for my case?

Thanks.

Howard

[Index of Archives]     [Linux Audio Users]     [Samba]     [Big List of Linux Books]     [Linux USB]     [Yosemite News]

  Powered by Linux