On Wed, May 08, 2013 at 10:52:29AM +0200, Sander Klein wrote: > Hi, > > I want to move some websites behind cloudfare. They already add an > X-Forwarded-For header so I do not want to add it if the request comes > from cloudfare, but I do want to add it if the request is not from > cloudfare. > > Since both requests will pass through the same frontend I need some > kind of ACL or whatever. > > Is there a way to do this?
You have the optional argument "if-none" for "option forwardfor", but you should not do this with external proxies whose addresses you don't know because anyone could pass one and fool you. In practice you would need them to pass you some information to prove the request comes from them. The best way to do this is to do it over ssl. Cheers, Willy
