Sawmill Discussion Forum - BlueCoat Proxy SG HTTP Referrer


	7.2.3

Sawmill Discussion Forum

Subject: "BlueCoat Proxy SG HTTP Referrer"

Previous Topic | Next Topic

Conferences Pre-Sales Topic #598
Printer-friendly copy Email this topic to a friend
Reading Topic #598

PhilCh
Member since May-9-06
1 posts

May-09-06, 09:35 AM (PDT)

Click to add this user to your buddy list

"BlueCoat Proxy SG HTTP Referrer"

We're using BlueCoat Proxy SG as a reverse proxy, handling incoming requests to our public web servers and outgoing requests from our intranet users to the Internet.

Our problem is that our BlueCoat logs show all incoming requests as having originated from the proxy server address.

Is it possible to collect the original HTTP referrer address and use this for generating Sawmill statistics?

Alert | IP

Printer-friendly page | Edit | Reply | Reply With Quote | Top

ferrar
Member since Sep-5-01
3092 posts

May-09-06, 09:28 PM (PDT)

1. "RE: BlueCoat Proxy SG HTTP Referrer"
In response to message #0

This is a general problem with reverse proxies; they cause the web server to log all requests as coming from the proxy (which is correct, because the connections to the web server really are from the proxy). The standard solution to this is to 1) use a proxy server which includes the X-Forwarded-For header, and 2) to log that header in your web server. I'm not certain that Blue Coat Proxy SG passes X-Forwarded-For through, but it's very likely that it does. Assuming it does, all you need to do is configure your server to log X-Forwarded-For instead of the actual source IP. If you're using Apache, this can be done by replacing %h in the LogFormat directory with %{X-Forwarded-For}i (in the httpd.conf file).

Alert | IP

Printer-friendly page | Edit | Reply | Reply With Quote | Top

Conferences | Topics | Previous Topic | Next Topic

Home Lite Professional Enterprise Samples FAQ Downloads Purchase Manual Support Contact Us