Skip to content

Instantly share code, notes, and snippets.

@randy3k

randy3k/x-forwarded-for.md

Last active December 3, 2024 17:57
Show Gist options
  • Save randy3k/9afb767c2ad26ed6cc4c9c83b36dfbcc to your computer and use it in GitHub Desktop.
Save randy3k/9afb767c2ad26ed6cc4c9c83b36dfbcc to your computer and use it in GitHub Desktop.
Download ZIP
Spoofing X-Forwarded-For
Raw
x-forwarded-for.md 
curl -H "X-Forwarded-For: 1.2.3.4" https://example.com

doesn't work for cloudflare proxied domain if it is specifically removed.

We may be still able to "workaround" it by connecting directly to the server.

curl -H "X-Forwarded-For: 1.2.3.4" --resolve example.com:443:$SERVER_IP https://example.com
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment