how to disable varnish X Forwarded For header
i am using nginx <=> varnish <=> apache
i am passing client IP to varnish via nginx proxy_set_header X-Forwarded-For $remote_addr;
but varnish also adding X-Forwarded-For as 127.0.0.1 so apache showing 2 IPs comma based.
i need IP send by nginx only i want to disable varnish adding 127.0.0.1
varnish version 3.0.0 here is default.vcl
backend default { .host = "204.29.58.4"; .port = "80"; } sub vcl_recv { if (req.http.Range) { return(pipe); } }
Solution 1:
The default vcl_recv
function (which is appended to yours) contains this:
if (req.restarts == 0) {
if (req.http.x-forwarded-for) {
set req.http.X-Forwarded-For =
req.http.X-Forwarded-For + ", " + client.ip;
} else {
set req.http.X-Forwarded-For = client.ip;
}
}
..which is modifying the header. To prevent this from happening, you should have your vcl_recv
implemented as a full function that always returns, instead of depending on the appending of the default behavior, which contains config that you don't want. Something like this:
sub vcl_recv {
if (req.http.Range) {
return(pipe);
}
if (req.request != "GET" &&
req.request != "HEAD" &&
req.request != "PUT" &&
req.request != "POST" &&
req.request != "TRACE" &&
req.request != "OPTIONS" &&
req.request != "DELETE") {
/* Non-RFC2616 or CONNECT which is weird. */
return (pipe);
}
if (req.request != "GET" && req.request != "HEAD") {
/* We only deal with GET and HEAD by default */
return (pass);
}
if (req.http.Authorization || req.http.Cookie) {
/* Not cacheable by default */
return (pass);
}
return (lookup);
}