Using "X-Forwarded-For" in Apache or PHP

An issue that often comes up for users of any full proxy-based product is that the original client IP address is often lost to the application or web server. This is because in a full proxy system th...
Published Jun 02, 2008
Version 1.0
apache
application delivery
BIG-IP
dev
devops
hardware
http headers
iRules
php
us
Lori_MacVittie's avatar
Lori_MacVittie
Icon for Employee rankEmployee
Jul 02, 2009
@Pete

 

 

Hmmm...I'm not an expert in the Apache mod_X configurations, but I would think that between mod_security and mod_rewrite that you could restrict access based on an just about any HTTP header in the configuration without requiring any code (SHTML, PHP, etc...).

 

 

I know you can certainly do that with an iRule, it's pretty simple stuff to base access on an HTTP header value so I'm guessing the same is true of mod_rewrite/mod_security.

 

 

Lori