Forum Discussion
Abdullah_Okumus
Mar 09, 2016Nimbostratus
So if you want to deny XFF spoofing attack and see the client IP address at the same time, you have to disable XFF option on HTTP profile and then apply following irule will be enough ?
when HTTP_REQUEST { foreach x [HTTP::header names] { if { $x equals "X-FORWARDED-FOR" } { HTTP::header remove X-FORWARDED-FOR HTTP::header replace X-FORWARDED-FOR [IP::client_addr] } }
}