Bug#425008: apache2: handle X-FORWARDED-FOR by default
"Stefan Fritsch" <email@example.com> writes:
>> +SetEnvIfNoCase X-Forwarded-For "." from_proxy=1
> This is horribly insecure for normal setups without proxy. Any client
> could set X-Forwarded-For and modify the logged IP address.
I understand. Could this line be added and commented out so that
enabling the feature is a matter of uncommenting a line instead of
digging the web ?
Thanks for the quick reply and for maintaining apache2
+33 1 76 60 72 81 Loic Dachary mailto:firstname.lastname@example.org
Latitude: 48.86962325498033 Longitude: 2.3623046278953552