2

I am using a load balancer in front of my web server and wanted to get the real user's IP instead of the one coming from the load balancer. Thus I found that using HTTP_X_FORWARDED_FOR would do the trick. However, I'm not an expert when it comes to networking and can't figure out why the IP address is in two parts. The ones I've been logging from the HTTP_X_FORWARDED_FOR all have the following format:

xxx.xxx.xxx.xxx, xxx.xx.

For example,

66.249.75.48, 173.24. 

I'm sure this is something rather basic, but it's not in my field generally so I had to turn to you guys for some clarification. Thanks in advance!

Reza Karami
  • Related to https://stackoverflow.com/questions/11452938/how-to-use-http-x-forwarded-for-properly – Will Jul 25 '19 at 16:06

1 Answer

1

The X-Forwarded-For header contains a list of IPs separated by commas. Each time the request goes through a proxy, the IP address of the machine sending it to the proxy is supposed to be appended to the header list.

In your case it appears the second IP address has been truncated, probably by your load balancer or web server assuming it contained only one IP and had a certain short maximum length.

NOTE: There may have been more than 2 IPs in the original, and the client could have forged some or all of the first part that you see. So you really need that bug to get fixed.
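The following is an added example, not code from the question or the answer: one way to read the header defensively in Python, taking the right-most address that is not one of your own proxies and refusing to guess when an entry is truncated. The `TRUSTED_PROXIES` range and the function names are assumptions made for illustration.

```python
import ipaddress

# Assumption: networks that contain your own load balancers (constructed value).
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/8")]

def is_trusted(ip):
    return any(ip in net for net in TRUSTED_PROXIES)

def parse_xff(header):
    """Return the header entries in order; malformed ones become None."""
    entries = []
    for raw in header.split(","):
        raw = raw.strip()
        if not raw:
            continue
        try:
            entries.append(ipaddress.ip_address(raw))
        except ValueError:
            entries.append(None)  # e.g. a truncated "173.24."
    return entries

def client_ip(remote_addr, header):
    """Pick the client address, or None if the header cannot be relied on.

    Walk the chain right to left: the TCP peer first, then the header entries.
    Entries appended by trusted proxies are skipped; the first untrusted
    address is the client. Anything further left was supplied by the client.
    """
    peer = ipaddress.ip_address(remote_addr)
    if not is_trusted(peer):
        return str(peer)      # direct connection: ignore the header entirely
    for entry in reversed(parse_xff(header or "")):
        if entry is None:
            return None       # damaged entry on the trusted side: do not guess
        if not is_trusted(entry):
            return str(entry)
    return None               # only trusted proxies seen, no client recorded
```

With the header from the question, `client_ip` returns `None` rather than falling back to `66.249.75.48`, because the entry the load balancer appended is the one that was cut off.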