Request to spoa does not send original source ip

jcmoraisjr / modsecurity-spoa

HAProxy agent for ModSecurity web application firewall

Apache License 2.0

94 stars 25 forks source link

Request to spoa does not send original source ip #18

Open Rdago opened 2 years ago

Rdago commented 2 years ago

I noticed that the requests are coming from the source ip of the haproxy (which in my case is 127.0.0.1) and not from the original Source IP Address. Is there a way to pass this argument to the spoa agent and log it in debug log?

The problem is that some rules can´t be applied - thinking of geoip blocking or reputation blocking.

I already tried to add ip=src to the spoe-message configuration without success.

thanks in advance!

thiagolinhares commented 2 years ago

same here... client_ip shows up as 127.0.0.1. %{REQUEST_HEADERS:X-Forwarded-For} print out as blank (empty). Haproxy-ingress has "forwardfor: add" as default and nginx backend prints x-forwarded-for normally.

-- edit to add versions -- haproxy-ingress: v0.7.6 modsec: v0.8