For more information regarding the security incident at F5, the actions we are taking to address it, and our ongoing efforts to protect our customers, click here.

Restricting Access to Virtual from client IP address in X-Forwarder-For HTTP header

  Description If you have a Proxy in front of the BIG-IP and all the client IP are source Natted, You can still restrict access to the Virtual if the client IP address is inserted by the pr...
Published Mar 14, 2023
Version 1.0
security
Nikoolayy1's avatar
Nikoolayy1
Icon for MVP rankMVP
Mar 16, 2023

What about if the X-Forwarder-For has multiple IP addresses as there were several proxy devices that added an IP address to the header with "," for example "1.1.1.1, 2.2.2.2"? How can you match on the first IP address in the XFF header?