httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dragon <>
Subject Re: [users@httpd] Block IP
Date Wed, 04 Jun 2008 19:44:23 GMT
André Warnier wrote:

>Mohit Anchlia wrote:
>>2. Another question I had was sometimes we don't get real physical IP of the
>>machine but the IP of something that's in between like "router", is there a
>>way to get the real IP so that we don't end up blocking people coming from
>>that "router" or "proxy"
>In my opinion, you cannot.  The whole point of 
>such routers and proxies is to make the requests 
>look like they are coming from the router/proxy, 
>so that is the sender IP address you are seeing 
>at your server level, and that's it.  Your 
>server never receives the original requester IP address.
---------------- End original message. ---------------------

There are legitimate reasons for this to be done 
as well, indiscriminately blocking such access is 
a bad idea as it will affect legitimate users. 
NAT and IP address sharing are among the reasons. 
This allows an organization to have a router with 
one public IP address to serve a larger internal 
network with private IP addresses. Without this, 
we would have run out of IPv4 addresses a long time ago.


  Venimus, Saltavimus, Bibimus (et naribus canium capti sumus)

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message