By default, Alert Logic Web Security Manager will insert the IP address of the upstream proxy in the X-Forwarded-For (XFF) header. Some customers have applications that rely on a specific list of XFF headers and do not want Web Security Manager to change the XFF header. In this case, Web Security Manager can be configured to not change the XFF header.
- At the top of the Alert Logic console, navigate to the WAF page.
- Find and click the Websites tab.
- Find your desired website and click Manage Website.
- Select Virtual host.
- Enable the Use trusted proxy option.
- Enter the IP address of the upstream proxy (or the subnet that the upstream proxy resides in).