我的经典负载均衡器偶尔不提供X-Forwarded-For标头,我不能确定同一个请求是否会有它。
我注意到对指向负载均衡器的 URL 的请求通过以下两个 IP 地址中的任何一个进行代理:IP A或IP B. 正如您在下面的日志中看到的,IP A始终包含X-Forwarded-For标头和用户代理,IP B它们都没有。不要关注HTTP代码,没有时故意403 X-Forwarded-For:
<IP A> - - [20/Apr/2018:15:04:11 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 403 428
<IP B> - - [20/Apr/2018:15:04:12 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 401 611 "-" "curl/7.47.0" <X-Forwarded-For IP>
<IP A> - - [20/Apr/2018:15:04:14 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 403 428
<IP B> - - [20/Apr/2018:15:04:15 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 401 611 "-" "curl/7.47.0" <X-Forwarded-For IP>
<IP A> - - [20/Apr/2018:15:04:16 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 403 428
<IP B> - - [20/Apr/2018:15:04:17 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 401 611 "-" "curl/7.47.0" <X-Forwarded-For IP>
<IP A> - - [20/Apr/2018:15:04:17 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 403 428
<IP B> - - [20/Apr/2018:15:04:18 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 401 611 "-" "curl/7.47.0" <X-Forwarded-For IP>
<IP A> - - [20/Apr/2018:15:04:19 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 403 428
<IP B> - - [20/Apr/2018:15:04:20 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 403 428
<IP A> - - [20/Apr/2018:15:04:21 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 403 428
<IP A> - - [20/Apr/2018:15:04:34 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 403 428
<IP B> - - [20/Apr/2018:15:04:34 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 403 428
<IP A> - - [20/Apr/2018:15:04:35 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 403 428
<IP B> - - [20/Apr/2018:15:04:36 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 403 428
<IP A> - - [20/Apr/2018:15:04:36 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 401 612 "-" "curl/7.47.0" <X-Forwarded-For IP>
<IP B> - - [20/Apr/2018:15:04:37 +0100] "GET /wc-api/v3/orders/?ttt HTTP/1.1" 403 428
什么可能导致这种行为?
更新
IP A 和 B 都随机擦除标头,而不仅仅是 IP B。
更新 2
403 HTTP 错误是由其他原因引起的,而不是我的 apache 配置,所以它们不是故意的,正如上面所说