1. Home
  2. Balancer
  3. Snapt Aria: Source IP with X-Forwarded-For
  1. Home
  2. Accelerator
  3. Snapt Aria: Source IP with X-Forwarded-For

Snapt Aria: Source IP with X-Forwarded-For

By default, the load balanced web servers will not see the Clients IP as the actual Source IP from which the request originates, instead – the load balancers IP Address is used.

As an administrator you might need to identify the client’s IP for one or other monitoring requirement – this is easily achieved through the use of X-Forwarded-For headers.

Optionally you can configure your webserver instead – to consider the X-Forwarded-For header as the Real IP – This is to prevent additional site changes for the X-Forwarded-For.

Program Awareness

An increasing amount of frameworks and applications are adapting to support X-Forwarded-For headers manipulation and is the preferred method of changing the source IP.

Snapt Aria Configuration

X-Forwarded-For can be enabled in the UI per group as required.

  • From the main menu navigate to Balancer -> Group Management (Note: Or Balancer -> Backend Management if Group Management is not used)
  • Click edit on the group you want to enable X-Forwarded-For on


  • From HTTP Options sub-menu ensure Force HTTP Close is set to “Force Close” and Add X-Forwarded-For is set to On 
  • NOTE: If you are making use of Caching on the web accelerator and setting the X-Forwarded-For header there, ensure the “except” field contains
  • Reload Balancer

An additional header will be added to your requests, as the following example



Once the X-Forwarded-For header is available you are able to add it to your log files as illustrated below.

You may use Source IP in the event that the X-Forwarded-For header option is not available.

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
CustomLog "logs/access_log" combined env=!forwarded
CustomLog "logs/access_log" proxy env=forwarded

Consider using mod_remoteip in apache if you would like to mask the IP Address completely, this will allow your application to read the IP without the need to reference server headers.


There are several options here as well, best details by these two IIS blog post / IIS And X-Forwarded-For Header.


Nginx has the module HttpRealipModule for exactly this purpose. Adding the following lines to your Nginx configuration will set the Real IP header to the X-Forwarded-For IP sent from the load balancer.

set_real_ip_from   YOUR.NETWORK.RANGE/24;
real_ip_header     X-Forwarded-For;
Updated on September 25, 2020

Was this article helpful?

Related Articles