Hi,
This is my current setup in using squid3 as reverse proxy:
browser (e.g. 202.182.201.3) <----> squid3 stable6 <----> apache 1.3.37 (PHP)
My PHP will get the user IP by HTTP_X_FORWARDED_FOR ENV variable.
(setting squid.conf: forwarded_for on)
There are 2 cases:
1. Normal case, my program can get the real IP of "202.182.201.3"
2. Cheating case, if user send a request already contains header of
"X_FORWARDED_FOR",
my program will be cheated by the client and the IP can be any
specified by client.
Now, my idea is to block the request header, e.g.
request_header_access X_FORWARDED_FOR deny all
But it end up with: parse_http_header_access: unknown header name
'X_FORWARDED_FOR'
So any idea for my case?
Thanks.
Howard
Received on Fri May 23 2008 - 10:17:30 MDT
This archive was generated by hypermail 2.2.0 : Tue Aug 05 2008 - 01:05:13 MDT