handling X-Forwarded-For when using reverse proxy

  • I don’t know if my reverse proxy configuration is messed up or if this is a z-push issue. As far as I know, X-Forwarded-For can hold a list of multiple IP addresses.
    Once I have the following option defined in z-push.conf:

        define('USE_CUSTOM_REMOTE_IP_HEADER', 'X-Forwarded-For');

    I can see messages in z-push.log like:

    01/06/2018 11:08:59 [28617] [ INFO] [darian] cmd='Ping' memory='3.41 MiB/3.75 MiB' time='60.09s' devType='Android' devId='nine621b3e876d5d' getUser='darian' from='badip-' idle='60s' version='2.4.2+0' method='POST' httpcode='200'

    The actual client ip was My reverse proxy passed a list of IPs, the client_ip and the proxy_ip: “,”. Obviously such string cannot be identified as a valid IP address and hence I get the badip messages.

  • Kopano

    Hi Darian,

    thanks for reporting this. I’ve created a JIRA issue: https://jira.z-hub.io/browse/ZP-1434.


Log in to reply