cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Exit
search
  • Global community
    • Language:
      • Deutsch
      • English
      • Español
      • Français
      • Português
  • 日本語コミュニティ
  • 한국 커뮤니티
0
Upvote

x-forwarded-for in CF 11

Varzil
Community Beginner ,
Apr 28, 2016 Apr 28, 2016

Trying to get the actual ip address of a user with coldfusion sitting behind an F5 appliance.  Researching I found the RemoteIpValve which can be placed in server.xml, but it does not seem to work on CF 11.  Does anyone know of any tricks to getting this to work or does it not work at all in CF 11?

Thanks

3.2K
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines

correct answers 1 Correct answer

haxtbh
Advocate , Apr 28, 2016 Apr 28, 2016

We just use CGI.HTTP_X_Forwarded_For as it is available in the CGI scope. It will probably return multiple results in a comma delimited list. The first IP is usually the real IP

Try dumping the CGI scope OR GetHttpRequestData() to see if you can see it in there at all. The appliance may have to be configured to send the header correctly though.

Translate
replies 7 Replies 7
latest latest Jump to latest reply
haxtbh
Advocate ,
Apr 28, 2016 Apr 28, 2016

We just use CGI.HTTP_X_Forwarded_For as it is available in the CGI scope. It will probably return multiple results in a comma delimited list. The first IP is usually the real IP

Try dumping the CGI scope OR GetHttpRequestData() to see if you can see it in there at all. The appliance may have to be configured to send the header correctly though.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Varzil
Community Beginner ,
Apr 28, 2016 Apr 28, 2016
In Response To haxtbh

Well, I can get the x_forwarded_for from the header right now.  My biggest problem is not being able to set the debug ip addresses within CF Admin.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
haxtbh
Advocate ,
Apr 28, 2016 Apr 28, 2016
In Response To Varzil

Not sure I understand. What is the exactly are you trying to achieve?

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Varzil
Community Beginner ,
Apr 28, 2016 Apr 28, 2016
In Response To haxtbh

Debug information on our dev and test sites on each page.  I can't open to all IPs, so need the CF server to see the CGI.remote_addr as my actual PC ip address so that I get debug information while others do not.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
haxtbh
Advocate ,
Apr 28, 2016 Apr 28, 2016
In Response To Varzil

Right I see, what did you try with the remoteIpValue option?

Was it along the lines of:

<Valve className="org.apache.catalina.valves.RemoteIpValve" protocolHeader="X-Forwarded-Proto" remoteIpHeader="X-Forwarded-For" protocolHeaderHttpsValue="https" />

I assume after the changes you restarted both IIS and CF?

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Varzil
Community Beginner ,
Apr 28, 2016 Apr 28, 2016
In Response To haxtbh

yes, that was exactly what I used and  I did restart both.

Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Charlie Arehart Community Expert
Community Expert ,
Apr 29, 2019 Apr 29, 2019
LATEST
In Response To Varzil

I realize this an older thread, but in case someone else may come across it looking for info on using the Tomcat remoteipvalve with CF, I wanted to offer some thoughts and ask a question:

Varzil, as for why the remoteipvalve did not work, can you tell us why you used remoteIpHeader="X-Forwarded-For", when you indicated in your earlier messages here that the header was "x_forwarded_for"? The difference between dash and underscore would be significant.

I can report that I have used this same approach and gotten the user's IP as forwarded by CloudFlare, which uses CF-Connecting-IP as the header. And rather than all those attributes (which may have value for some), I got by with just this:

<Valve className="org.apache.catalina.valves.RemoteIpValve" remoteIpHeader="CF-Connecting-IP" />

placed in the server.xml (in cfusion/runtime/conf), and implemented either within the engine or host xml elements (for those who may find this and need to know more). Indeed, the remoteipvalve attributres are documented here:

RemoteIpValve (Apache Tomcat 8.5.40 API Documentation)

Hope that helps someone, and Varzil, if you may still have your setup to check things out, it would be interesting to hear if it may help you.


/Charlie (troubleshooter, carehart. org)
Translate
Report
Community guidelines
Be kind and respectful, give credit to the original source of content, and search for duplicates before posting. Learn more
community guidelines
Resources
Documentation
ColdFusion User Guide
Open in a new window
Copyright © 2025 Adobe. All rights reserved.
Using the Community Experience League Terms of Use Privacy Cookie preferences Do not sell or share my personal information ad choicesAdChoices