Monthly Archives: August 2010

X-Forwarded-For Headers and mod_rpaf

***Security Alert*** – This should only be done where you 110% trust the proxy that is forwarding the client IP. It is quite easy to spoof an IP address using X-Forwarded-For headers.

If you have a couple of webservers behind a load balancer, then you’ve probably noticed that your logs, and many times your web applications, incorrectly record the IP address of the load balancer instead of the client.

This is totally expected behavior and is an important security feature in a standard Apache server: it records the address of the host that actually opened the connection, not whatever a header claims.

However, it is also a pain. :)

Of course there is an easy way to solve the problem.

  1. First, enable the feature of your load balancer that turns on X-Forwarded-For headers. (The name differs slightly from device to device, so I’m not always sure about the specifics.)
  2. Make sure that you are actually forwarding the additional header. I used my phpinfo() file to check: you should see “HTTP_X_FORWARDED_FOR” in the Apache environment section. If not, then your load balancer is not correctly configured to pass the header. Troubleshoot until you can see this variable in phpinfo().
  3. Enable and configure the mod_rpaf module for your Apache server.
  4. Restart the webserver.
  5. Check your phpinfo() file and you should now see the correct IP address in the “REMOTE_ADDR” section. You can also still see which proxy the request came through in the “HTTP_VIA” section.

You should now see the correct IP in WordPress comments and Moodle logs.
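To make the trust caveat concrete, here is an added example (not code from the post or from mod_rpaf) that models the substitution mod_rpaf performs: REMOTE_ADDR is replaced from X-Forwarded-For only when the TCP peer is one of the configured proxy addresses, and the chain is read from the right so a value the client put in the header itself is never believed. The proxy addresses and requests are constructed for the illustration.

```python
import ipaddress

# Constructed example: the load balancer addresses we trust to append
# X-Forwarded-For (the equivalent of mod_rpaf's proxy list). Any other
# peer is treated as an ordinary client.
TRUSTED_PROXIES = {"10.0.0.4", "10.0.0.5"}


def effective_client_ip(remote_addr, x_forwarded_for):
    """Return (client_ip, reason): the address to log in place of REMOTE_ADDR.

    remote_addr: the TCP peer Apache actually accepted the connection from.
    x_forwarded_for: the raw header value, or None when absent.
    """
    # A peer that is not a trusted proxy keeps its own address; its header is
    # ignored because a client can write anything into X-Forwarded-For.
    if remote_addr not in TRUSTED_PROXIES:
        return remote_addr, "peer is not a trusted proxy; header ignored"
    if not x_forwarded_for:
        return remote_addr, "trusted proxy sent no X-Forwarded-For"
    # Walk the chain from the right: the rightmost entry was appended by our
    # proxy, further trusted hops are skipped, and the first untrusted address
    # is the real client as the proxy saw it. Entries to its left came from
    # the client and are not trusted.
    hops = [h.strip() for h in x_forwarded_for.split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            ipaddress.ip_address(hop)
        except ValueError:
            return remote_addr, f"malformed hop {hop!r}; header ignored"
        if hop not in TRUSTED_PROXIES:
            return hop, "rightmost untrusted hop appended by trusted proxy"
    return remote_addr, "all hops trusted; falling back to peer address"


def log_line(remote_addr, x_forwarded_for, request):
    """Build the client-IP prefix of an Apache-style log line."""
    ip, _ = effective_client_ip(remote_addr, x_forwarded_for)
    return f'{ip} - - "{request}"'


if __name__ == "__main__":
    # Constructed requests: (peer address, X-Forwarded-For, request line)
    samples = [
        ("10.0.0.5", "203.0.113.9", "POST /wp-comments-post.php HTTP/1.1"),
        ("10.0.0.5", "1.2.3.4, 203.0.113.9", "POST /wp-comments-post.php HTTP/1.1"),
        ("198.51.100.200", "1.2.3.4", "GET /moodle/ HTTP/1.1"),
        ("10.0.0.5", "198.51.100.7, 10.0.0.4", "GET /moodle/ HTTP/1.1"),
    ]
    for peer, xff, req in samples:
        print(log_line(peer, xff, req), "|", effective_client_ip(peer, xff)[1])
```

The second and third samples are the spoofing cases the alert warns about: a client-supplied value in the header is discarded when the proxy has appended the real address behind it, and a client bypassing the balancer entirely is logged by its own peer address.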

***Security Alert*** – This should only be done where you 110% trust the proxy that is forwarding the client IP. It is quite easy to spoof an IP address using X-Forwarded-For headers.

Toad Symphony

So, I’ve been crazy busy at work and haven’t had much time to think or write lately. But the monsoon storms of the last two days have inspired a creative burst for both me and some desert toads.

Listen to the cacophony of toads that were in a temporary pond that forms in front of my house. We had nearly 2 inches of rain in 24 hours.

Audio (QuickTime embed): http://edsysad.org/wp-content/uploads/2010/08/Frog-Music.mp3