Re: [mod-security-users] DDOS attacks protection with X-forwarded-for
From: Reindl H. <h.r...@th...> - 2013-11-25 09:31:55
On 24.11.2013 20:24, maoz zadok wrote:
> is there any way to do it without using mod_remoteip?
> I tried that rule, but couldn’t manage to get it working:
>
> SecRule REQUEST_HEADERS:x-forwarded-for "^\b(\d{1,3}\.\d{1,3}\.\d{1,3}\.\d{1,3})\b"

X-Forwarded-For is a *client header* which is *not* trustable until it comes only from specific IP addresses and *that* is what mod_remoteip is for - *never* use such headers in your own application logic
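
The trust rule described in the reply above, sketched in Python as an added example (not part of the original message, and not mod_remoteip's own code): X-Forwarded-For is consulted only when the connection itself comes from a listed proxy, and the chain is read right to left. The `TRUSTED_PROXIES` network, the function names and all addresses are constructed assumptions.

```python
import ipaddress

# Constructed sample: networks of the reverse proxies we operate (assumption).
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/24")]


def is_trusted(addr):
    """True if addr parses as an IP inside one of the trusted proxy networks."""
    try:
        ip = ipaddress.ip_address(addr.strip())
    except ValueError:
        return False
    return any(ip in net for net in TRUSTED_PROXIES)


def client_ip(peer_addr, xff_header):
    """Return the address to use for rate limiting or blocking.

    peer_addr  -- source address of the TCP connection (a header cannot set it)
    xff_header -- raw X-Forwarded-For value, or None
    """
    # The header is only considered when the connection comes from a trusted proxy.
    if not xff_header or not is_trusted(peer_addr):
        return peer_addr
    current = peer_addr
    # Walk right to left: each trusted hop vouches only for the entry it appended.
    for entry in reversed(xff_header.split(",")):
        entry = entry.strip()
        try:
            ipaddress.ip_address(entry)
        except ValueError:
            break  # malformed entry: stop and keep the last vouched-for address
        current = entry
        if not is_trusted(entry):
            break  # first untrusted address is the client; entries left of it are client-supplied
    return current


if __name__ == "__main__":
    # Direct connection with a forged header: the header is ignored.
    print(client_ip("203.0.113.7", "1.2.3.4"))
    # Via our proxy: the forged left-most entry is ignored, the proxy-appended one is used.
    print(client_ip("10.0.0.5", "1.2.3.4, 198.51.100.9"))
```

A regex that only checks the header looks like an IP address, as in the quoted rule, accepts all of the forged values above.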