On Today at 10:09am, RJ=>Ruiyuan Jiang <ruiyuan_ji...@liz.com> wrote:
RJ> Hi, Haroon RJ> RJ> I see that also but I don't know how to use them. I put the statement RJ> into my vhost of Apache reverse proxy and the apache complaining they RJ> are wrong statement, etc. RJ> Hi Ryan, X-Forwarded-For is not a statement that goes inside the httpd.conf. The documentation page is just telling you that these headers are already available to you, if you are using reverse-proxy. RJ> RJ> <virtualhost> RJ> RJ> ... RJ> Proxyrequst off RJ> ..... RJ> X-Forwarded-For RJ> .... RJ> </virtualhost> RJ> So, don't put the X-Forwarded-For statement there. RJ> RJ> Is above the correct way to use it? I am not much care about the RJ> remote IP being logged in the Apache log but I am care about the RJ> remote client IP being forwarded to the backend server since our RJ> backend server will decide what to do based on the remote client IP. RJ> Thanks. RJ> For the backend server to be able to "see" the remote client IP, as if it was the real client IP, your application will have to be aware of the X-Forwarded-For. Depending on what technology you are using on the backend, the answer may be different about how to make your backend be aware of X-Forwarded-For header. Regardless of the technology, you probably should read up on the XFF entry at wikipedia: http://en.wikipedia.org/wiki/X-Forwarded-For And again, regardless of the tech, the HTTP request will contain the X-Forwarded-For header. On my java projects, I use xebia-france XForwardedFilter at: http://code.google.com/p/xebia-france/wiki/XForwardedFilter YMMV, RJ> RJ> Ryan RJ> Cheers, -- Haroon Rafique <haroon.rafi...@utoronto.ca> --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org " from the digest: users-digest-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
