Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision | Next revision Both sides next revision | ||
|
litespeed_wiki:config:mitigating-ddos-attacks [2019/06/13 16:21] Lisa Clarke [Trusted IPs] Copyediting |
litespeed_wiki:config:mitigating-ddos-attacks [2020/01/06 21:46] Jackson Zhang [Order LiteSpeed's Advanced Anti-DDoS Setup Service] |
||
|---|---|---|---|
| Line 121: | Line 121: | ||
| To order LiteSpeed Advanced Anti-DDos Setup Service, please [[https://store.litespeedtech.com/store/cart.php?gid=5|visit our store]]. | To order LiteSpeed Advanced Anti-DDos Setup Service, please [[https://store.litespeedtech.com/store/cart.php?gid=5|visit our store]]. | ||
| + | ===== Never set ''Use Client IP in Header'' to ''Yes'' ===== | ||
| + | To restore real visitor IPs, navigate to ''LiteSpeed WebAdmin Console > Configuration > General Settings'' and set ''Use Client IP in Header'' to ''Trusted IP Only'', and add your CDN such as CloudFlare IPs/Subnets to the trusted list. Never set ''Use Client IP in Header'' to ''Yes'' since clients can spoof IPs with the ''X-Forwarded-For'' header that is sent to CloudFlare. | ||
| ===== Troubleshooting ===== | ===== Troubleshooting ===== | ||