You are right, it's more a dns thing. In this configuratiĆ³n the A and CNAME registers are fixed in the balancer, not the cherokee web servers (3 computers at this momment) So it's ok.
Thanks for all. On Thu, Feb 2, 2012 at 07:09, Daniel Lo Nigro <[email protected]> wrote: > > On Wed, Feb 1, 2012 at 11:31 PM, Alvaro Lopez Ortega <[email protected]>wrote: > >> On 02/01/2012 01:11 PM, jlan wrote: >> >>> >>> I can't use loadbalancer ip, but i can't leave x-Forwarded-For without >>> any content, is there a huge security issue or i'm being paranoic? >>> >> >> Do not enable X-Forwarded-For without checking the origin. That'd allow >> anyone to send requests to your server faking his IP. The integrity of your >> log files would be jeopardized. >> >> I think it'd be acceptable if all requests are going via the load > balancer. In this case, the last value in X-Forwarded-For will *always *be > from the load balancer, so you could trust it. > > _______________________________________________ > Cherokee mailing list > [email protected] > http://lists.octality.com/listinfo/cherokee > >
_______________________________________________ Cherokee mailing list [email protected] http://lists.octality.com/listinfo/cherokee
