- Neueste
- Die meisten Stimmen
- Die meisten Kommentare
If your application supports it, using API keys or tokens for authentication can bypass the need for IP whitelisting. This method can authenticate the request based on the provided token, regardless of the IP address. Shift the focus from IP-based whitelisting to application-level authentication, such as OAuth tokens, JWT tokens, or other mechanisms that validate the user or the client application rather than the IP address.
Are you using CloudFront, or another CDN in front of WAF? If so, make sure that the CDN is not stripping the header. If you do have a CDN in front of WAF, try accessing the resource (ALB, EIP, etc) directly, and see if you are still not seeing the X-Forwarded-For header.
If you are using CloudFront, this can be fixed by enabling the All Viewer origin request policy, which will ensure that all request headers (and cookies, and query params) are forwarded to the app.
Relevanter Inhalt
- AWS OFFICIALAktualisiert vor einem Jahr
- AWS OFFICIALAktualisiert vor 7 Monaten
- AWS OFFICIALAktualisiert vor einem Jahr