X-Forwarded-for bug

[tgabi]

Hi,
it seems there's a problem in X-Forwarded-for processing. I get some strange logs like:

192.168.2.230

for something like

192.168.2.230, 58.11.73.85, 69.90.60.149

Any ideas ?

 

[mistwang]

Would you mind explaining it more clearly?

What log do you refer to? What is the correct value, what is not?

Thanks.

 

[tgabi]

Would you mind explaining it more clearly?

What log do you refer to? What is the correct value, what is not?

Thanks.

Ok, the logs are for the server behind LiteSpeed (dynamic content). When the request is passed from LiteSpeed the X-Forwarded-For header is truncated (as shown above). When the request is passed by apache (in fron of the same server) the logs show the full header.
Both values shown are from the same client in Internet, so the second log value is the correct one.

 

[tgabi]

Any news on this issue yet ? I cannot use LiteSpeed unless this flag is set right.

 

[mistwang]

We had investigated this issue.

When X-Forwarded-for header exists in request header, Apache will append the IP of the proxy server where the request comes from when it rebuild the proxy request header.

LiteSpeed reuses the request header received, do not rebuild the whole header when forward the request. So, when X-Forwarded-For exists in original request header, LiteSpeed will not change it. The IP in X-Forwarded-For is where the request originated from.

We can add some code to add a new X-Forwarded-For header which includes all IPs that the request had traveled, probably in 2.1 release. Don't have time to deal with it yet.

 

[mistwang]

This issue should be solved in 2.1RC2, please try it.