Site Navigation
Categories:
Anonymity
HTTP headers

Summary Of: X-Forwarded-For

Since it is easy to forge a X-Forwarded-For header the given information should be used with care... X-Forwarded-For data can be used in a forward or reverse proxy scenario... your gateway device should strip any X-Forwarded-For before sending the request to the Internet... You should be able to trust X-Forwarded-For information in this scenario as it is all generated within your network... You should NOT trust all X-Forwarded-For information in this scenario as you may have received bogus information from the Internet... s in the X-Forwarded-For header are trusted by you... Just logging the X-Forwarded-For header is not always enough as the last proxy IP in a chain is not... BOTH the layer 4 source IP and the X-Forwarded-For header information for completeness... X-Forwarded-For header is supported by most proxy servers... Winfrasoft X-Forwarded-For for ISA Server... X-Forwarded-For header logging is supported by many web servers including Apache and Microsoft IIS 6... however X-Forwarded-For can be substituted... Winfrasoft X-Forwarded-For for ISA Server...

Encyclodia Page On: X-Forwarded-For

These Are Links To Other Documents
autoblocks | proxy servers | Grumman FF | HTTP | de facto | IP address | web server | HTTP | proxy | World Wide Web | anonymizing service | Squid | Pound | Varnish cache | IronPort | Radware AppXcel | F5 Big-IP | Cisco | NetApp NetCache | Internet privacy | List of proxy software | Categories | Anonymity | HTTP headers |
This article is licensed under the GNU Free Documentation License. It uses material from the Wikipedia article "X-Forwarded-For".