httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Stephen Johnson" <>
Subject Re: mod_proxy hiding client ip address?
Date Tue, 07 May 2002 20:01:24 GMT
In some version of Apache, there was an addition to the HTTP header called 
X-Forwarded-For that was tipping off my server of the client's IP address.

It would be great to have an option to disable this 'feature', but in case 
anyone else wants to disable this, go into the src/modules/proxy directory 
and remove the following line in proxy_http.c

    /* Add X-Forwarded-For: so that the upstream has a chance to
       determine, where the original request came from. */
    ap_table_mergen(req_hdrs, "X-Forwarded-For", r->connection->remote_ip);

This will disable the X-Forwarded-For header item being added to the HTTP 


>From: "Stephen Johnson" <>
>Subject: mod_proxy hiding client ip address?
>Date: Mon, 06 May 2002 20:30:36 +0000
>I'm having a problem that I hope someone can help me with.
>I want to have the client's IP address shielded from the server we're
>I use the mod_proxy setup on a SSL connection, and then forward the data to
>another server that only likes to see requests from  I had this
>working with Apache v1.3.12, but in upgrading to 1.3.24, the client IP
>address seems to be passed all the way through to the server.  (Before the
>client IP address was showing up as
>I can obviously solve this problem by downgrading Apache to 1.3.12, but I
>would really like to stay current with the latest version.  I can only hope
>that I'm missing some configuration parameter that causes the Proxy to act
>MSN Photos is the easiest way to share and print your photos:
>To unsubscribe, e-mail:
>For additional commands, e-mail:

Join the world’s largest e-mail service with MSN Hotmail.

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message