How Do I Obtain the Real IP Address of a Web Visitor After WAF Is Enabled?

Generally, a proxy such as CDN, WAF, and AAD is deployed between the client and server. Web visitors cannot directly access the server. For example, web visitor > CDN/WAF/AAD > origin server. Then, how does the server obtain the real IP address of the client when multiple proxies are used?

  1. Log in to the management console.
  2. Click in the upper left corner of the management console and select a region or project.
  3. Choose Security > Web Application Firewall. In the navigation pane on the left, choose Domains.Figure 1 shows an example.

    Figure 1 Domains page

    In the upper part of the domain name list, click Quota details to view the domain name quota.

  4. In the Name column, click the target domain name to go to the basic information page.
  5. View Source IP Header. By default, WAF obtains the real IP address of a web visitor from the HTTP header X-Forwarded-For. The first IP address in the X-Forwarded-For field is the real IP address of the web visitor. You can also click to customize the field to identify the real IP address. Figure 2 shows an example.

    Figure 2 Basic domain information

Parent topic: Operation-related