2

In Web Application Firewall,I set IP range group,I'd like to restrict access only from these Ip groups. In following snapshot,I can select Source IP address and IP address in header,But what is the difference between them? I confused in which case should I select each. If someone has opinion or materials, please let me know.

Thanks

WAF

Heisenberg
  • 4,787
  • 9
  • 47
  • 76

1 Answers1

4

Source IP Address: is the IP address of the entity from where the request is coming from. This might be the client who initiated the request or might be intermediary such a load balancer, CDN etc.

IP Address in header: most of the time we care about the IP address of the client who initiated the request, not the address of a certain proxy (like a load balancer or CDN). Usually, if the request goes through a proxy, the IP address of the client is saved in a header (which typically is called X-Forwarded-For). More about this can be found in the docs.

Ervin Szilagyi
  • 14,274
  • 2
  • 25
  • 40
  • So "Source IP Address" is coming from somewhere other than the header? Are there any docs on how this IP address is obtained? – Matthew Apr 06 '23 at 04:38