cancel
Showing results for 
Search instead for 
Did you mean: 

BotDefense XFF when using CDN

ismail2
Nimbostratus
Nimbostratus

I am having trouble with Bot-Defense detecting the client_ip (XFF) when using cloudflare.

 

The ASM Profile is working fine when i add custom header and enable X-Forwarded-For although the BotDefense is still picking the clientIP incorrectly.?

 

The botdefense requests page does show the proper X-Forwarded-For IP although its still not picking this up as the client_ip

1 REPLY 1

Emil
Altocumulus
Altocumulus

I am having the same issue. Did you manage to fix it? In my case I have CloudFlare CDN in front of the f5 AWAF.

What is the best implementation in this setup?

1. CF is considered as upstream proxy and set HTTP profile with trust XFF

2. Use irule to change cloudflare headers into XFF; X-real-ip. Botdefense seems to match cloudflare as a malicious bot.

I will appreciate any advise and assisstance.

Thanks.