Ok.. this is rather strange, but I need to replace X-forwarded-for value.
We are using SAP B1, and for some various reason, it needs x-forwarded-for contains only one string "https://sap.domain.tld:443" and only that value. No other hosts, and no comma. Exactly as that.
Now, I am using various proxies and cloudflare, thus adding some values in X-forwarded-for that I have to remove to access SAP B1 Web Access. I need all those values removed.
Below is my configuration in apache:
SSLEngine On
SSLCertificateFile /etc/ssl/crt/sap.crt
SSLCertificateKeyFile /etc/ssl/private/4096.key
SSLCACertificateFile /etc/ssl/ca/ca.crt
SSLProxyEngine On
SSLProxyCheckPeerCN off
SSLProxyVerify none
SSLProxyCheckPeerName off
SSLProtocol -all +TLSv1.2 +TLSv1.1 +TLSv1
SSLCipherSuite EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:ECDHE-RSA-AES128-SHA:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA$
ProxyPreserveHost On
ProxyVia full
ProxyPass / https://10.1.1.1:8100/
ProxyPassReverse / https://10.1.1.1:8100/
ProxyAddHeaders off
RequestHeader unset X-forwarded-for
RequestHeader set X-Forwarded-For "https://sap.domain.tld:443"
I have added ProxyAddHeaders off but apache still adds new X-Forwarded-For. How can I remove them all?
I recently ran into a similar problem. For me it turned out that
ProxyAddHeaders offdidn't work in<VirtualHost>context (despite the docs). After putting the directive in a<Location>context Apache stopped addingX-Forwarded-*headers as expected.Yours might look as follows...