Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
litespeed_wiki:config:mitigating-ddos-attacks [2020/01/06 21:46] Jackson Zhang [Order LiteSpeed's Advanced Anti-DDoS Setup Service] |
litespeed_wiki:config:mitigating-ddos-attacks [2020/01/07 17:21] (current) Lisa Clarke [Never set **Use Client IP in Header** to ''Yes''] |
||
|---|---|---|---|
| Line 121: | Line 121: | ||
| To order LiteSpeed Advanced Anti-DDos Setup Service, please [[https://store.litespeedtech.com/store/cart.php?gid=5|visit our store]]. | To order LiteSpeed Advanced Anti-DDos Setup Service, please [[https://store.litespeedtech.com/store/cart.php?gid=5|visit our store]]. | ||
| - | ===== Never set ''Use Client IP in Header'' to ''Yes'' ===== | + | ===== Never set Use Client IP in Header to Yes ===== |
| - | To restore real visitor IPs, navigate to ''LiteSpeed WebAdmin Console > Configuration > General Settings'' and set ''Use Client IP in Header'' to ''Trusted IP Only'', and add your CDN such as CloudFlare IPs/Subnets to the trusted list. Never set ''Use Client IP in Header'' to ''Yes'' since clients can spoof IPs with the ''X-Forwarded-For'' header that is sent to CloudFlare. | + | To restore real visitor IPs, navigate to **LiteSpeed WebAdmin Console > Configuration > General Settings** and set **Use Client IP in Header** to ''Trusted IP Only'', and add your CDN such as CloudFlare IPs/subnets to the trusted list. Never set **Use Client IP in Header** to ''Yes'', since clients can spoof IPs with the ''X-Forwarded-For'' header that is sent to CloudFlare. |
| ===== Troubleshooting ===== | ===== Troubleshooting ===== | ||