Below are a few of the most frequently used cases where the X-Forwarded-For (XFF) header can be used to handle requests based on its value. They are somewhat generalized, since the action on the origin side can be a lot more detailed and differ from case to case.
PHP
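Store the end-user IP in a database.
<?php
// X-Forwarded-For may hold a comma-separated list; take the first entry.
$listofips = (string) getenv('HTTP_X_FORWARDED_FOR');
$ips = explode(",", $listofips);
$ip = trim($ips[0]);
// The header is request data: continue only if it is a syntactically valid IP address.
if (filter_var($ip, FILTER_VALIDATE_IP) !== false) {
    // allowed_classes => false stops unserialize() from instantiating objects from the remote response.
    $response = file_get_contents('http://www.geoplugin.net/php.gp?ip=' . urlencode($ip));
    $tmpip = ($response === false) ? false : unserialize($response, ['allowed_classes' => false]);
    $country_code = is_array($tmpip) ? (string) ($tmpip['geoplugin_countryCode'] ?? '') : '';
    $country_name = is_array($tmpip) ? (string) ($tmpip['geoplugin_countryName'] ?? '') : '';
    $username = "uname";
    $password = "dbpwd";
    $hostname = "localhost";
    $dbname = "db";
    // mysql_* was removed in PHP 7; mysqli with a prepared statement binds the values instead of concatenating them.
    $db = new mysqli($hostname, $username, $password, $dbname);
    $stmt = $db->prepare("INSERT INTO visitors (ip, country_code, country_name) VALUES (?, ?, ?)");
    $stmt->bind_param("sss", $ip, $country_code, $country_name);
    $stmt->execute();
    $stmt->close();
    $db->close();
}
?>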
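The snippet above takes the first entry of the header, but X-Forwarded-For is an ordinary request header, so that entry is only reliable when the request really came through your proxy and the proxy did not append to a value the client supplied. The following PHP is an added example, not part of the original article: it accepts the header only from known proxies and walks it from the right. TRUSTED_PROXIES, client_ip() and the sample addresses are assumptions constructed for illustration.

```php
<?php
// Added example, not the article's code. TRUSTED_PROXIES is an assumed,
// constructed list: replace it with the addresses of your CDN / load balancer.
const TRUSTED_PROXIES = ['203.0.113.10', '203.0.113.11'];

/**
 * Return the client IP for a request, given the TCP peer address
 * (REMOTE_ADDR) and the raw X-Forwarded-For header value.
 */
function client_ip(string $remoteAddr, ?string $xff): string
{
    // The header is only meaningful if the direct peer is one of our proxies;
    // a request that reached the origin directly carries whatever it likes.
    if (!in_array($remoteAddr, TRUSTED_PROXIES, true) || $xff === null || $xff === '') {
        return $remoteAddr;
    }
    // Each proxy appends the address it received the request from, so the
    // rightmost entries are the ones written by our own infrastructure.
    $hops = array_reverse(array_map('trim', explode(',', $xff)));
    foreach ($hops as $hop) {
        if (filter_var($hop, FILTER_VALIDATE_IP) === false) {
            return $remoteAddr; // malformed entry: fall back to the peer address
        }
        if (!in_array($hop, TRUSTED_PROXIES, true)) {
            return $hop; // nearest address that is not one of our proxies
        }
    }
    return $remoteAddr; // every hop was a trusted proxy
}

// Constructed sample requests: [REMOTE_ADDR, X-Forwarded-For]
$samples = [
    ['203.0.113.10', '198.51.100.7'],                         // single hop via proxy
    ['203.0.113.10', '10.9.9.9, 198.51.100.7, 203.0.113.11'], // client sent its own entry first
    ['192.0.2.55',   '198.51.100.7'],                         // peer is not a trusted proxy
    ['203.0.113.10', 'not-an-ip'],                            // malformed header value
];
foreach ($samples as [$peer, $header]) {
    printf("%-14s %-40s => %s\n", $peer, $header, client_ip($peer, $header));
}
```

In the second sample the leftmost entry is ignored, and the address recorded by the proxy chain is used instead.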
Nginx
Redirect a specific end-user IP.
location / {
    # Exact string match: true only when the header holds this single address.
    if ($http_x_forwarded_for = "12.12.12.12") {
        rewrite ^ http://domain.com$request_uri;
    }
}
Redirect if XFF matches the range defined by a regex: any IP between 12.12.12.1 and 12.12.12.254.
location / {
    # Last octet 1-254: 1-9, 10-99, 100-199, 200-249, 250-254.
    if ($http_x_forwarded_for ~ ^12\.12\.12\.([1-9]|[1-9][0-9]|1[0-9][0-9]|2[0-4][0-9]|25[0-4])$) {
        rewrite ^ http://domain.com$request_uri;
    }
}
Apache
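Redirect by XFF header: every request whose XFF is not 12.12.12.12 is sent to /destination.php.
RewriteEngine on
# Skip the target itself so the redirect does not loop.
RewriteCond %{REQUEST_URI} !^/destination\.php$
# Match 12.12.12.12 exactly (alone or first in a list), not 12.12.12.120 and similar.
RewriteCond %{HTTP:X-FORWARDED-FOR} !^12\.12\.12\.12(,|$)
RewriteRule .* /destination.php [R=302,L]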
If you have any questions about the content of this article, please feel free to reach out to the Support Team for assistance. We're available 24/7 for your convenience.