> However, I still see my cheated XFF exist in my backend PHP program, e.g. > > [HTTP_X_FORWARDED_FOR] => 192.168.11.103 [Cheated using FF Modify Header] > [REMOTE_ADDR] => MY_SQUID_IP >
Sorry pls ignore my last email, and see my updated test results for quick comparison... Facts: Client IP: 202.183.19.3 XFF Cheated IP using FF Modify Header: 192.168.11.103 Squid IP: 10.10.10.3 Test 1: forwarded_for on [HTTP_X_FORWARDED_FOR] = 192.168.11.103, 202.183.19.3 forwarded_for truncate [HTTP_X_FORWARDED_FOR] = 192.168.11.103, unknown You see, truncate is truncating my real client ip,leaving the cheated one. Howard
