Remove X-Forwarded-For header in Squid 3.0

Question

Some months ago I was working with Squid 3.0 and managed to get rid of the X-Forwarded-For header completely. Now I am trying to do the same thing but I do not seem to hit the nail.

I have tried forwarded_for off but that does not remove the header, it just inserts unknown in place of the client IP.

I tried header_access X-Forwarded-For deny all but I receive an error about invalid directive. Looking in the function reference it seems that this directive is deprecated in 3.0.

I tried forwarded_for delete but this is only available from 3.1.

Any suggestions?

score 13 · Answer 1 · answered Jun 18 '14 at 10:41

13

Here's the full list you need:-

via off
forwarded_for off
follow_x_forwarded_for deny all
request_header_access X-Forwarded-For deny all
header_access X_Forwarded_For deny all

answered Jun 18 '14 at 10:41

cnd

270

score 6 · Accepted Answer · answered Jan 14 '10 at 15:40

6

Fixed with:

request_header_access X-Forwarded-For deny all

answered Jan 14 '10 at 15:40

mr-euro

888

score 1 · Answer 3 · edited Jun 13 '14 at 16:30

1

For specific domains you can use

acl NoXForwardedFor dst "/usr/pbi/squid-amd64/etc/squid/NoXForwardedFor.txt"

request_header_access X-Forwarded-For deny NoXForwardedFor

where NoXForwarded.txt contains domain names.

edited Jun 13 '14 at 16:30

Felix Frank

3,123

answered Jun 13 '14 at 13:57

user226166

11

score 1 · Answer 4 · answered May 23 '19 at 14:34

you can set forwarded_for directive to truncate

forwarded_for truncate

this will remove all existing X-Forwarded-For entries, and place the client IP as the sole entry

For more about this directive visit squid : forwarded_for configuration directive

Remove X-Forwarded-For header in Squid 3.0

4 Answers4

Linked