Re: [squid-users] X_FORWARDED_FOR, squid and apache cheating from howard chen on 2008-05-24 (squid-users)

From: howard chen <howachen_at_gmail.com>
Date: Sat, 24 May 2008 18:50:45 +0800

> However, I still see my cheated XFF exist in my backend PHP program, e.g.
>
> [HTTP_X_FORWARDED_FOR] => 192.168.11.103 [Cheated using FF Modify Header]
> [REMOTE_ADDR] => MY_SQUID_IP
>

Sorry pls ignore my last email, and see my updated test results for
quick comparison...

Facts:
Client IP: 202.183.19.3
XFF Cheated IP using FF Modify Header: 192.168.11.103
Squid IP: 10.10.10.3

Test 1:

forwarded_for on
[HTTP_X_FORWARDED_FOR] = 192.168.11.103, 202.183.19.3

forwarded_for truncate
[HTTP_X_FORWARDED_FOR] = 192.168.11.103, unknown

You see, truncate is truncating my real client ip,leaving the cheated one.

Howard
Received on Sat May 24 2008 - 10:50:48 MDT

This archive was generated by hypermail 2.2.0 : Tue Aug 05 2008 - 01:05:14 MDT