httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Surendhar Thallapelly <surendhar.t1...@gmail.com>
Subject [users@httpd] Re: X-Forwarded-For header is missing
Date Wed, 08 Nov 2017 12:12:52 GMT
Hi Konstantin,

It is not processed and deleted by backend. I enabled x-forwarded-for
logging, it confirms our Apache webserver is not adding xff header. However
xfh header added always.

RemoteIpValve is not configured at Apache tomcat.

We already placed ProxyAddHeaders after load modules only, I also attached
httpd conf  file for your review and captured wireshark packet capture at
webserver, it confirms above.

Can you please help me and share working httpd.conf file where http web
server redirecting incoming WEBSERVICE call to another backend application
with xff headers enabled.

Thanks a lot.

Thanks,
Surendhar

On Wednesday, November 8, 2017, Konstantin Kolinko <knst.kolinko@gmail.com>
wrote:

> 2017-11-07 21:44 GMT+03:00 Surendhar Thallapelly <
> surendhar.t1241@gmail.com <javascript:;>>:
> > Hi Konstantin,
> >
> >> Hi Team,
> >>
> >> I configured apache http web server to redirect incoming WEBSERVICE call
> >> to
> >> another backend application server, X-Forwarded-For is missing(webserver
> >> ip)
> >> in backend call.
> >>
> >> I have configured below in my webserver httpd.conf file.
> >>
> >> ProxyPass /TestProject http://10.160.160.33:2914/TestProject
> >> ProxyPassReverse /TestProject http://10.160.160.33:2914/TestProject
> >>
> >
> > 1. Version of Apache HTTP server = ? 2.2 & 2.4 both of versions it didn't
> > work
> > 2. What is your configuration of ProxyAddHeaders directive?
> >
> > http://httpd.apache.org/docs/2.4/mod/mod_proxy.html#proxyaddheaders
> >
> > ProxyAddHeaders On
> >
> > I also enabled
> > LoadModule proxy_module modules/mod_proxy.so
> > LoadModule proxy_http_module modules/mod_proxy_http.so
> >
> > X-Forwarded-Host is working showing in my backend call, only
> X-Forwarded-For
> > is missing.  I am also attaching my complete http.conf(2.4 version) file
> for
> > your review, please review and help me.
>
>
> Maybe the "X-Forwarded-For" is sent by Apache HTTPD, but is processed
> and removed by your backend?
>
> E.g. in Apache Tomcat if a RemoteIpValve is configured,
> it will process and hide this header from underlying web applications,
> while its original value is still visible in Access Log and can be
> logged with %{xxx}i
>
> http://tomcat.apache.org/tomcat-8.5-doc/config/valve.html#Remote_IP_Valve
>
>
> (BTW,
> it is odd how you place your "ProxyAddHeaders On" directive at the top
> of the file.
>
> My expectation is that the directive should be moved below relevant
> "LoadModule" line,
> or the configuration fails to load.
> )
>
> Best regards,
> Konstantin Kolinko
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org <javascript:;>
> For additional commands, e-mail: users-help@httpd.apache.org
> <javascript:;>
>
>

Mime
View raw message