[Owasp-modsecurity-core-rule-set] ipMatch and X-Forwarded-For

Brian Davis (bridavis) bridavis at cisco.com
Fri Mar 4 07:54:47 UTC 2016


I have ModSecurity running as a reverse proxy behind an haproxy LB. Because we're behind HAProxy, we're getting LB IP addresses for REMOTE_ADDR.

I have a large number of IPs that I have to whitelist, and would therefore really take advantage of the ipMatch and ipMatchFromFile functions. However, those can only be used on REMOTE_ADDR.

Does anyone have a creative way of taking the X-Forwarded-For value and somehow setting REMOTE_ADDR to that, and then using ipMatch on the result?


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-modsecurity-core-rule-set/attachments/20160304/d9c18056/attachment.html>

More information about the Owasp-modsecurity-core-rule-set mailing list