luky-37 at hotmail.com
Mon Jun 16 07:12:47 UTC 2014
> Thanks for your reply.
> I have already tried
> But this needs a list of subnets / networks to be whitelisted first as a
> trusted source. I do not (Can not) have a list of such networks as they can
> be intermediate proxy of any company. Eg : Google chrome on smartphone uses
> Google compression proxy in between before reaching the actual server where
> website is hosted. Opera mini also does the same and similarly don't know
> who all does it. So I can not have a list of all trusted networks.
You cannot trust X-F-F headers of untrusted third party networks and proxies,
otherwise everyone can spoof whatever remote IP they want.
Don't do this.
More information about the nginx