Hi,
You can also use this patch.
Cheers,
Ren?
Op donderdag 24-06-2021 om 18:41 uur [tijdzone +1000], schreef Jeremy Laidman:
Hi Shawn
Xymon's enadis CGI gets the IP address from the webserver's REMOTE_HOST or REMOTE_ADDR variables. Depending on the web server you're using, there may be zero or more ways to make this work.
For instance, there are Apache modules that can do this: mod_rpaf (reverse proxy add forward), mod_extract_forwarded and mod_remoteip (the latter seemingly the most common method, but also seems to be the most feature-full = complicated). Also, it's possible to use SetEnvIf to capture the IP address from the header and assign it to REMOTE_ADDR (although note that there can be multiple IP addresses in an X-Forwarded-For value if there are multiple proxies in a chain so you'd want to extract the first (left-most) IP to get the client IP).
Be warned that it's trivial for an attacker to create an X-Forwarded-For header, so your reverse proxies should strip this header if it exists, before adding their own. There may be other implications.
Cheers Jeremy
On Wed, 23 Jun 2021 at 13:27, Shawn Heisey <hobbit at elyograg.org> wrote:
I have all my websites behind a reverse proxy. For those who might be interested, it's haproxy. I'm using it because it handles all the TLS and can be easily configured to handle DDOS attacks. Is it difficult to get xymon to use the X-Forwarded-For header? Did some googline and came up empty. I have some disabled tests, and this is what it says: Disabled by: elyograg @ 127.0.0.1 I would like to see the real IP address there. I've got Xymon 4.3.28 installed from source. Thanks, Shawn _______________________________________________ Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
Xymon mailing list Xymon at xymon.com http://lists.xymon.com/mailman/listinfo/xymon
This message has been scanned for viruses with ClamAV at vermare.net