X-Forwarded-For

From Wikipedia, the free encyclopedia

The X-Forwarded-For (XFF) HTTP header is a de facto standard for identifying the originating IP address of a client connecting to a web server through an HTTP proxy. XFF headers are supported by most proxy servers, notably Squid, Apache mod_proxy, Cisco Cache Engine, and NetApp NetCache.

In this context, the caching servers are most often those of large ISPs who either encourage or force their users to use proxy server for access to the World Wide Web, something which is often done to reduce external bandwidth through caching. In some cases, these proxy servers are transparent proxies, and the user may be unaware that they are using them.

Without the use of XFF or another similar technique, any connection through the proxy would reveal only the originating IP address of the proxy server, effectively turning the proxy server into an anonymizing service, thus making the detection and prevention of abusive accesses significantly harder than if the originating IP address was available. The usefulness of XFF depends on the proxy server truthfully reporting the original host's IP address; for this reason, effective use of XFF requires knowledge of which proxies are trustworthy, for instance by looking them up in a whitelist of servers whose maintainers can be trusted.

[edit] Format

The general format of the header is:

X-Forwarded-For: client1, proxy1, proxy2

where the value is a comma-separated list of IP addresses, the left-most being the farthest downstream client.

[edit] References

This article or section needs sources or references that appear in reliable, third-party publications. Alone, primary sources and sources affiliated with the subject of the article are not sufficient for an accurate encyclopedia article. Please include more appropriate citations from reliable sources.
This article has been tagged since March 2007.

[edit] See also