Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision | Next revision Both sides next revision | ||
litespeed_wiki:config:mitigating-ddos-attacks [2019/06/13 16:21] Lisa Clarke [Trusted IPs] Copyediting |
litespeed_wiki:config:mitigating-ddos-attacks [2020/01/06 21:46] Jackson Zhang [Order LiteSpeed's Advanced Anti-DDoS Setup Service] |
||
---|---|---|---|
Line 121: | Line 121: | ||
To order LiteSpeed Advanced Anti-DDos Setup Service, please [[https://store.litespeedtech.com/store/cart.php?gid=5|visit our store]]. | To order LiteSpeed Advanced Anti-DDos Setup Service, please [[https://store.litespeedtech.com/store/cart.php?gid=5|visit our store]]. | ||
+ | ===== Never set ''Use Client IP in Header'' to ''Yes'' ===== | ||
+ | To restore real visitor IPs, navigate to ''LiteSpeed WebAdmin Console > Configuration > General Settings'' and set ''Use Client IP in Header'' to ''Trusted IP Only'', and add your CDN such as CloudFlare IPs/Subnets to the trusted list. Never set ''Use Client IP in Header'' to ''Yes'' since clients can spoof IPs with the ''X-Forwarded-For'' header that is sent to CloudFlare. | ||
===== Troubleshooting ===== | ===== Troubleshooting ===== | ||