0
Considering for Future Release

Support X-Forwarded-For headers

CJTC 8 months ago updated by swhite (Product Manager) 8 months ago 1

Due to insurance and industry requirements we are required to host CW Control behind an approved WAF/Proxy. But in doing so all WEB activity is logged with the WAF/proxy IP instead of the endclient IP. This decreases the value of the built-in CW Control logging and triggers functionality.



Support has confirmed that CW Control does not currently support X-Forwarded-For (XFF) which is a de-facto web standard for passing client IPs through web Proxies. Can we get this header feature added? https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Forwarded-For


I was told Control is unable to read the header response so I wouldn't be able to manually enable it via "Security Toolkit" > "ExtraSecurityHttpHeadersList".


Thanks,
Available in Version:

Answer

Answer
Considering for Future Release

Thanks for your request, after speaking with our Architecture team I have registered this request for future consideration.

The key concern is  that the product would have to become much more aware of the reverse proxy sitting in front of it in order to properly handle the traffic in a secure manner.

Answer
Considering for Future Release

Thanks for your request, after speaking with our Architecture team I have registered this request for future consideration.

The key concern is  that the product would have to become much more aware of the reverse proxy sitting in front of it in order to properly handle the traffic in a secure manner.