The X-Forwarded-For header is the one you want - you read it right to left, and the first address you don't recognize as yours is the user's IP. Anything further left then the first value you assume is spoofed and disregard. Your request may have multiple X-Forwarded-For headers - you read them last to first in addition to right to left. PHP has problems with the multiple X-Forwarded-For headers, as a workaround we use the real-ip module in Nginx to process the X-Forwarded-For header(s) and provide a PHP friendly value for application use.
On Thu, Aug 11, 2016 at 11:22 AM, Ayberk Kimsesiz <[email protected] > wrote: > Hi, > > Everyone who visits our website has an IP address that seems as the Server > IP. This is fixed by canceling the Varnish Cache. What settings we need to > do to resolve this issue? > > http://imgur.com/a/Kh8sP > > Thanks > > _______________________________________________ > varnish-misc mailing list > [email protected] > https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc >
_______________________________________________ varnish-misc mailing list [email protected] https://www.varnish-cache.org/lists/mailman/listinfo/varnish-misc
