httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Haroon Rafique <>
Subject RE: [users@httpd] Passing remote client IP address to backend server and session stickness
Date Tue, 01 Dec 2009 15:23:10 GMT
On Today at 10:09am, RJ=>Ruiyuan Jiang <> wrote:

RJ> Hi, Haroon
RJ> I see that also but I don't know how to use them. I put the statement 
RJ> into my vhost of Apache reverse proxy and the apache complaining they 
RJ> are wrong statement, etc.

Hi Ryan,

X-Forwarded-For is not a statement that goes inside the httpd.conf. The 
documentation page is just telling you that these headers are already 
available to you, if you are using reverse-proxy.

RJ> <virtualhost>
RJ> ...
RJ> Proxyrequst off
RJ> .....
RJ> X-Forwarded-For
RJ> ....
RJ> </virtualhost>

So, don't put the X-Forwarded-For statement there.

RJ> Is above the correct way to use it? I am not much care about the 
RJ> remote IP being logged in the Apache log but I am care about the 
RJ> remote client IP being forwarded to the backend server since our 
RJ> backend server will decide what to do based on the remote client IP. 
RJ> Thanks.

For the backend server to be able to "see" the remote client IP, as if it 
was the real client IP, your application will have to be aware of the 
X-Forwarded-For. Depending on what technology you are using on the 
backend, the answer may be different about how to make your backend be 
aware of X-Forwarded-For header. Regardless of the technology, you 
probably should read up on the XFF entry at wikipedia:
And again, regardless of the tech, the HTTP request will contain the 
X-Forwarded-For header. On my java projects, I use xebia-france 
XForwardedFilter at:


RJ> Ryan

Haroon Rafique

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message