12-17-2012 01:43 AM
Hello Friends,
We are running a web-application that has a login on the very first page.
We want to capture the real IP addresses of all the customers that visit our application.
We have Cisco layer 3 Load balancer configured in a shared mode with Natting.
We are running IBM http server over Apache.
We proposed using "X-Forwarded For" header to capture client IP but were not allowed due to known vulneabilities associated with X-Forwarded for.
We want to capture client IPs for "http" and "https" without using "X-Fwd for".
Can someone kindly suggest if there is any alternate to it?
If yes then how to implement it?
12-20-2012 01:08 AM
Hi Vivek, adding X forwarded method.to load balance policy. So that source ip address is added to HTTP header, is the only method. Unless the application itself does not request source ip add in the header. Which can be passed through the load balancer.
Sent from Cisco Technical Support Android App
12-28-2012 11:16 AM
Hi Vivek,
the problem with the x-fwd-for is the name of the header? What is the security risk?
---------------------
Cesar R
ANS Team
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide