Forum Discussion

Nimbostratus

Aug 06, 2010

X-Forwarded-For Irule

Hi All, Hoping someone can help here... In a nut shell, I am trying to block external access to a site, but allow internal users to work. Our connections come in externally via an application firewall...

Historic F5 Account

Aug 11, 2010

Hoolio's 100% right on this one, as is often the case. The XFF is far too easy to spoof to be relied upon for security. Unless you're manually stripping out the XFF somewhere upstream of the LTM this iRule is being fired on and are only concerned about an XFF being inserted inside your trusted network somewhere. That's about the only case you could trust an XFF for security reasons.

Colin

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

X-Forwarded-For Irule

AppWorld 2026: Save the Date and Join Our Community In Person!

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

iRule, Traffic Policy or Re-Write Policy

Bash shell and ping command on F5 rseries

How to Apply Existing Attack Signaturue Set to an ASM Policy using iControl REST API

What is the recommended TCP Profile settings monitor settings for ISO 8583 traffic in F5 Big IP ?

4600 rSeries tenant resizing and HA Dependency

Related Content

Extracting X-Forwarded-For in Node.js

X-Forwarded-For Log Filter for Windows Servers

X Forwarded For Single Header Insert

TCP Option 28 X-Forwarded-For Header

IIS X-Forward-For ISAPI Filter

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS