Only keep XFF header for specific subnet ranges

Question

Hello&nbsp;We have some external facing virtual servers that have requests coming in from both internal and external sources. What we'd like to do is keep XFF headers only for requests coming in from a set list of internal subnets and remove them for any requests from source IPs not defined in the list. How would we go about achieving this?&nbsp;ThanksAK

swjo · Answer

Hi&nbsp;when HTTP_REQUEST {if { [HTTP::header exists X-Forwarded-For] } {if { [class match [HTTP::header X-Forwarded-For] equals my_external_ip] } {	HTTP::header remove X-Forwarded-For}}else {	return}}&nbsp;I didn`t test this rule. but this form would be work.&nbsp;

swjo · Answer

If it is easy to classify internal Ip, use this rule little switching.

Forum Discussion

Only keep XFF header for specific subnet ranges

Recent Discussions

Application only need to access from 2 uris

In Radius auth, how to allow second attempt of token input when the first input is incorrect?

AS3 Limitations

Unable to install firmware OS and drop at 10%

Statistics ›› Analytics : HTTP : Overview

Related Content

(HTTP) Redirection via Arbitrary Host Header

HTTP Monitor cURL GET With Host Specific Headers

ASM irule to disable attack signature authorization header with specific value

Implementing Client Subnet DNS Requests

OCSP HTTP Header Specification/Example or field name of EDIPI?

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS