How to selectively enable or disable proxy headers depending on the target backend on Apache httpd
Issue
- For security reasons we have disabled the X-Forwarded-For header on Apache httpd when working as a reverse proxy. However, a new application requires to check the IP address of the original client for authentication purposes, how can we enable it only for that appication?
Environment
- Red Hat Enterprise Linux (RHEL)
- 7
- Red Hat Software Collections (RHSCL)
- 2.0+
- Red Hat JBoss Web Server (JWS)
- 3.0+
- JBoss Core Services (JBCS)
- 2.4.23+
- Apache httpd
- 2.4
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.