x-forwarded-for headers for load balancers with dynamic ips

Post Reply
devtastic
Junior Member
Posts: 1
Joined: 21 Mar 2014, 19:04
Location: United States

x-forwarded-for headers for load balancers with dynamic ips

Post by devtastic »

Does CSF support the x-forwarded-for header? Currently csf blocks our load balancers that are served from a dynamic pool of servers. Is there a way to enable support for this header or a change to the firwall configuration that would allow us to use csf on a load balancers with dynamic IPs?
workhorse
Junior Member
Posts: 3
Joined: 28 Sep 2013, 14:09

Re: x-forwarded-for headers for load balancers with dynamic

Post by workhorse »

I have the same question if anyone knows...
bouvrie
Junior Member
Posts: 16
Joined: 23 Nov 2011, 09:49

Re: x-forwarded-for headers for load balancers with dynamic ips

Post by bouvrie »

This question is somewhat related to one from dec 2014. I too am looking for a way to further check the X-Forwarded-For header's IP address, in my case especially when the Remote_Addr's IP address is whitelisted already.

Is there any way to inspect the X-Forwarded-For header (or alternatives, like CF uses True-Client-IP, CF-Connecting-IP next to X-Forwarded-For) for blocking? Or does/did this bring a vulnerability of maliciously blocking IP addresses by spoofing X-Forwarded-For headers (like viewtopic.php?f=6&t=6686&p=20038 seems to describe)?
Post Reply