On 28.08.19 09:22, jmperrote wrote:
Hello Matus thanks for the answer, but on the apache backend server we
just receip request from the reverse proxy, and we mounted software
for DDOS on the apache server, so we need to identified the ip from
reverse proxy for DDOS work.
and this is eaxctly why I said you must configure apache to accept
X-Forwarder-For header from squid, so apache knows which real IP connects
from the outside. And I said the proper module is mod_remoteip or something
similar.
However, yout anti-ddos software should connect to squid, not to apache. Or,
your squid server might be useless in that setup.
El 28/8/19 a las 08:40, Matus UHLAR - fantomas escribió:
On 28.08.19 07:59, jmperrote wrote:
Hello we have a reverse proxy squid and on the backend a apache
server with anti DDOS software.
Any request on the apache comming from the same ip of the reverse
proxy because it is forwader to the apache backend.
We need that the apache server receip the original ip from client.
We try the "forwarder_for on" directive at the top of squid.conf
but not result.
you must configure apache to accept that IP as the original IP.
I think it has mod_remoteip or something like that.
--
Matus UHLAR - fantomas, uhlar@xxxxxxxxxxx ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
"One World. One Web. One Program." - Microsoft promotional advertisement
"Ein Volk, ein Reich, ein Fuhrer!" - Adolf Hitler
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
