Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
|
litespeed_wiki:config:mitigating-ddos-attacks [2019/06/13 16:21] Lisa Clarke [Trusted IPs] Copyediting |
litespeed_wiki:config:mitigating-ddos-attacks [2020/01/07 17:21] Lisa Clarke [Never set ''Use Client IP in Header'' to ''Yes''] Proofreading |
||
|---|---|---|---|
| Line 121: | Line 121: | ||
| To order LiteSpeed Advanced Anti-DDos Setup Service, please [[https://store.litespeedtech.com/store/cart.php?gid=5|visit our store]]. | To order LiteSpeed Advanced Anti-DDos Setup Service, please [[https://store.litespeedtech.com/store/cart.php?gid=5|visit our store]]. | ||
| + | ===== Never set **Use Client IP in Header** to ''Yes'' ===== | ||
| + | To restore real visitor IPs, navigate to **LiteSpeed WebAdmin Console > Configuration > General Settings** and set **Use Client IP in Header** to ''Trusted IP Only'', and add your CDN such as CloudFlare IPs/subnets to the trusted list. Never set **Use Client IP in Header** to ''Yes'', since clients can spoof IPs with the ''X-Forwarded-For'' header that is sent to CloudFlare. | ||
| ===== Troubleshooting ===== | ===== Troubleshooting ===== | ||