HTTP X-Forwarded-For Header

By: Dusty Arlia
Published on Thursday, June 12, 2014, 09:20 PM
Last Updated on Saturday, July 11, 2015 at 3:27 PM
Total Updates: 2

The X-Forwarded-For HTTP header is the de facto standard for identifying the originating IP address of a client connecting to a web server through an HTTP proxy or load balancer.

Here is the syntax

X-Forwarded-For: [client1], [proxy1], ... [proxy#]

The value of this HTTP header is a comma and space separated list of IP addresses. The left-most IP address belongs to the original client. Each successive IP address belongs to each proxy that passed the HTTP request. Every proxy server adds the IP address where it received the request from. The last proxy server before reaching the destination will not appear in this header value. The last proxy server appears as the remote address of the request.

Here is an example: