HTTP "X-" Headers

Provides a list of connection IP addresses.

The load balancer appends the last remote peer address to the X-Forwarded-For field from the incoming request. A comma and space precede the appended address. If the client request header does not include an X-Forwarded-For field, this value is equal to the X-Real-IP value. The original requesting client is the first (left-most) IP address in the list, assuming that the incoming field content is trustworthy. The last address is the last (most recent) peer, that is, the machine from which the load balancer received the request. The format is:

X-Forwarded-For: <original_client>, <proxy1>, <proxy2>

Example incoming field:

X-Forwarded-For: 202.1.112.187

Example field with appended proxy IP address:

X-Forwarded-For: 202.1.112.187, 192.168.0.10

Identifies the original host and port requested by the client in the Host HTTP request header. This header helps you determine the original host, since the hostname or port of the reverse proxy (load balancer) might differ from the original server handling the request.

X-Forwarded-Host: www.oracle.com:8080

Identifies the listener port number that the client used to connect to the load balancer. For example:

X-Forwarded-Port: 443

Identifies the protocol that the client used to connect to the load balancer, either http or https. For example:

X-Forwarded-Proto: https

Identifies the client's IP address. For the Load Balancing service, the "client" is the last remote peer.

Your load balancer intercepts traffic between the client and your server. Your server's access logs, therefore, include only the load balancer's IP address. The X-Real-IP header provides the client's IP address. For example:

X-Real-IP: 192.168.0.10