API
The Gcore Customer Portal is being updated. Screenshots may not show the current version.
Web Application Security
Web Application Security
Chosen image
Home/Web Application Security/

Get actual IP addresses of visitors from the X-Forward-For header

Why use the X-Forwarded-For header

When you enable Web Application Security, our servers function as a reverse proxy and filter requests to your server. By default, only our IP addresses will be visible in the access logs. If you want to obtain the actual IP addresses of your visitors, you can configure your system to retrieve the addresses from the X-Forwarded-For header using the realip module.

Configure the realip module on your server

Nginx

1. Use the ngx_http_realip_module and add two key directives: set_real_ip_from and real_ip_header.

  • The set_real_ip_from directive specifies the trusted subnets.
set_real_ip_from 9х.ххх.ххх.х/24;  
set_real_ip_from 1хх.ххх.ххх.0/24;  
set_real_ip_from 9х.ххх.ххх.х/24;  

Contact the support team via email at support@gcore.com or through chat to get the up-to-date list of subnets.

  • The real_ip_header directive indicates that the IP addresses are contained in the X-Forwarded-For header.
real_ip_header X-Forwarded-For;

2. (Optional) Add $http_x_forwarded_for variable in the log_format directive to display visitors' real IP addresses in access logs.

3. Restart Nginx.

Apache

1. Use the mod_remoteip module for configuration and several key directives to the configuration file, with minor differences depending on the OS (RHEL/CentOS or Debian/Ubuntu).

  • The following directive specifies that the remoteip module should be loaded:
# LoadModule remoteip_module modules/mod_remoteip.so ()
  • The following directive indicates that the IP addresses are contained in the X-Forwarded-For header:
# RemoteIPHeader X-Forwarded-For
  • The following directives indicate that the Gcore nodes are trusted:
# RemoteIPTrustedProxy 9х.ххх.ххх.х/24;  
# RemoteIPTrustedProxy 1хх.ххх.ххх.х/24;  
# RemoteIPTrustedProxy 9х.ххх.ххх.х/24;  

Contact the support team via email at support@gcore.com or through chat to get the up-to-date list of subnets.

2. Save changes.

3. Restart Apache.

Was this article helpful?

Not a Gcore user yet?

Discover the all-in-one Web security solution by Gcore

Go to the product page