-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi,
On Feb 9, 2009, at 6:24 PM, <gerhardus.geldenh...@gta-travel.com> <gerhardus.geldenh...@gta-travel.com
> wrote:
We have a forum site that is behind a load balancer and the site
relies
on ip addresses to detect failed logins. This does not work because
the
loadbalancer changes the source ip address to that of itself.
our load balancer(f5) adds the original ip as x-forwarded-for http
header.
However the third party software that we use don't pick up this
header.
Here is the relevant line(I think anyway, the function is called
fetch_alt_ip) from the software:
else if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) AND
preg_match_all('#\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3}#s',
$_SERVER['HTTP_X_FORWARDED_FOR'], $matches))
Sidenote:
If I have to change the code the following works by editing the
fetch_ip
function from:
return $_SERVER['REMOTE_ADDR'];
to
return (getenv(HTTP_X_FORWARDED_FOR))
? getenv(HTTP_X_FORWARDED_FOR)
: getenv(REMOTE_ADDR);
I have changed the HTTP_X_FORWARDED_FOR to x-forwarded-for in lower
and
upper case but the software still did not pick it up.
However I am not keen on changing the source code as that complicates
matters when you upgrade and someone might forget to change the source
code again or not read the documentation
After a bit of googling I thought I would give RequestHeader a go and
wrote the following:
RequestHeader append HTTP_X_FORWARDED_FOR "%{x-forwarded-for}e"
However the forum software does not pick this up and nor do I see the
value in my log file:
LogFormat "xforwarded:%{x-forwarded-for}i
rlnclient:%{rlnclientipaddr}i forumsoftware:%{HTTP_X_FORWARDED_FOR}i
vanilla: %h" gg2
This is a typical log entry:
xforwarded:10.241.115.240 rlnclient:10.241.115.240
forumsoftware:(null) vanilla: 10.200.11.43
Am I using request header wrong or doing something else stupid?
Sounds like you're almost there. For testing you might add a <?
phpinfo(); ?> call somewhere on a testing page and review the output.
The right PHP variable would show up, and also an environment variable
if there is one.
I'm not sure that in
RequestHeader append HTTP_X_FORWARDED_FOR "%{x-forwarded-for}e"
the x-forwarded-for should be in lower case. The PHP-info page would
show the exact spelling. Also, in the logline you have
%{x-forwarded-for}i
(which seems to work) while in the RequestHeader directive you have
%{x-forwarded-for}e
(which doesn't seem to work). This indicates that the value is
available as a HTTP header value, but not as an environment variable.
So all in all, in the RequestHeader directive you're probably
addressing a non-existent environment variable, to create an HTTP
header -- while you have an (albeit differently named) HTTP header to
start with.
I couldn't reproduce your situation, but hope that there are some
useful pointers above. Usually with PHP I just try the phpinfo() call
to see what exactly is available, and then I go from there. Off the
top of my head, there might be a variable _SERVER["X-Forwarded-For"]
readily available for you.
- --
Best regards / met vriendelijke groet, Karel Kubat
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (Darwin)
iEYEARECAAYFAkmQtkcACgkQ23FrzRzybNUZwgCgqMAVx/Hh6Q5zsL2t6kER3O/0
kFYAoNiWNjDaJ18Dp7x94XNst6sXDTZ+
=gN04
-----END PGP SIGNATURE-----
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org