Is there a way to prevent the X-Forwarded-For from being spoofed in haproxy?
i.e. Can I rename that header to something else? Or is there another way to forward on the correct IP address of the client?
Asked
Active
Viewed 292 times
0
-
I'm not really sure that I understand the answer to that question. If you delete the X-Forwarded-For header, how can you get the client's IP address? Surely the X-Forwarded-For won't exist then? – Wayne Sep 07 '18 at 19:31
-
2The answer states that haproxy removes any such header the client sends, and inserts its own, when the given configuration is used. – Michael Hampton Sep 07 '18 at 19:33