2 May 09:02
Re: any way to get IIS to log X-Forward-For instead of REMOTE_ADDR?
From: Jason Haar <Jason.Haar <at> trimble.co.nz>
Subject: Re: any way to get IIS to log X-Forward-For instead of REMOTE_ADDR?
Newsgroups: gmane.comp.apache.mod-security.user
Date: 2008-05-02 07:02:15 GMT
Subject: Re: any way to get IIS to log X-Forward-For instead of REMOTE_ADDR?
Newsgroups: gmane.comp.apache.mod-security.user
Date: 2008-05-02 07:02:15 GMT
Just to follow up on a potential solution. I got our local IIS guru to compile up the C++ ISAPI filter mentioned in: http://blogs.msdn.com/david.wang/archive/2005/09/28/HOWTO-ISAPI-Filter-which-Logs-original-Client-IP-for-Load-Balanced-II S-Servers.aspx (with "X-Client-IP:" changed to "X-Forwarded-For:") and that did the trick. Now our IIS-6 servers will be able to log the originating IPs from behind our WAF. I'm amazed IIS doesn't support this natively - apparently it still isn't an option under IIS-7 either! -- -- Cheers Jason Haar Information Security Manager, Trimble Navigation Ltd. Phone: +64 3 9635 377 Fax: +64 3 9635 417 PGP Fingerprint: 7A2E 0407 C9A6 CAF6 2B9F 8422 C063 5EBB FE1D 66D1 ------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
RSS Feed