The ProxyClients
parameter specifies the IP addresses or host names for proxy clients that are permitted to send actions to the ACI server. Separate multiple addresses with a comma. There must be no space before or after a comma.
When an action is received, if the client address does not appear in the AdminClients, or QueryClients parameter, but it does appear in the ProxyClients
parameter, the X-Forwarded-For HTTP header is processed. The header is then used to determine whether the action was forwarded from an allowed client by a trusted Proxy.
If you use a chain of load balancer or proxy components, you must add each IP address to the list in ProxyClients
. The server rejects any request that comes from one of the ProxyClients
IP addresses, but that does not contain an X-Forwarded-For HTTP Header that corresponds to AdminClients or QueryClients.
You can use wildcards in the IP addresses. For example, type 187.*.*.*
to specify any machine with an IP address that begins with 187. You can also filter the ProxyClients
parameter using CIDR notation.
Type: | String |
Default: | *.*.*.*
|
Required: | No |
Configuration Section: | Server |
Example: |
A load balancer with IP address 12.34.56.78 forwards query actions to IDOL from an application server host with IP address 12.34.56.89. For this setup, the configuration is: [Server] |
See Also: |
|