I Know that this question has been asked before. I have tried them all nothing seems to work for me
I am getting multiple IPs in X-Forwarded-For header and Application firewall i have setup depends on X-Forwarder-Header which has 3 IPs. My firewall is considering private IP address as Client IP.
- I am not using any kind of load balancer
- I have tried removing X-Forwarded-Header and it is removing entire Client IP
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage async="false" continueOnError="false" enabled="true" name="Access-Control-1">
<DisplayName>Remove Forwarded IP</DisplayName>
<Properties/>
<Remove>
<Headers>
<Header name="X-Forwarded-For"/>
</Headers>
</Remove>
<IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
<AssignTo createNew="false" transport="http" type="request"/>
</AssignMessage>
- Tried adding custom header with X-Forwarded-For name and that did not seem to work.
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<AssignMessage async="false" continueOnError="false" enabled="true" name="Add-Custom-Header-Value">
<DisplayName>Add Custom Header Value</DisplayName>
<Properties/>
<Copy source="request">
<Headers/>
<QueryParams/>
<FormParams/>
<Payload/>
<Verb/>
<StatusCode/>
<ReasonPhrase/>
<Path/>
</Copy>
<Set>
<Headers>
<Header name="X-Forwarded-For">{client.ip}</Header>
</Headers>
</Set>
<IgnoreUnresolvedVariables>true</IgnoreUnresolvedVariables>
<AssignTo createNew="false" transport="http" type="request"/>
</AssignMessage>What configuration changes do i need to make for getting real and single IP address in X-Forwarded-For header.
LinkedIn
Twitter
