Notifications
Clear all
Topic starter
When viewing the attack logs on FortiWeb, which client IP address is shown when you are using XFF header rules?
- A . FortiGate public IP
B. FortiWeb IP
C. FortiGate local IP
D. Client real IP
Suggested Answer: D
Explanation:
When an XFF header reaches Alteon from a client, Alteon removes all the content from the header and injects the client IP address. Alteon then forwards the header to the server.
Reference: https://support.radware.com/app/answers/answer_view/a_id/20925/~/modifying-the-client-ip-address-in-the-xff-header-using-httpmod
Explanation:
When an XFF header reaches Alteon from a client, Alteon removes all the content from the header and injects the client IP address. Alteon then forwards the header to the server.
Reference: https://support.radware.com/app/answers/answer_view/a_id/20925/~/modifying-the-client-ip-address-in-the-xff-header-using-httpmod
Posted : 15/02/2023 11:50 pm