[Owasp-modsecurity-core-rule-set] ipMatch and X-Forwarded-For
Brian Davis (bridavis)
bridavis at cisco.com
Fri Mar 4 07:54:47 UTC 2016
I have ModSecurity running as a reverse proxy behind an haproxy LB. Because we're behind HAProxy, we're getting LB IP addresses for REMOTE_ADDR.
I have a large number of IPs that I have to whitelist, and would therefore really take advantage of the ipMatch and ipMatchFromFile functions. However, those can only be used on REMOTE_ADDR.
Does anyone have a creative way of taking the X-Forwarded-For value and somehow setting REMOTE_ADDR to that, and then using ipMatch on the result?
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Owasp-modsecurity-core-rule-set