Jump to content
Welcome to our new Citrix community!

Netscaler bot management feature using request header


Ross Bender

Recommended Posts

We want to use the bot management feature to leverage TPS or rate limit features, but need to be able to do so based on the X-Forwarded-For request header. We cannot use source IP address as all traffic passes through an upstream proxy server, so the Netscaler sees all requests as coming from the same source IP address. The upstream proxy inserts the X-Forwarded-For request header and we need to be able to configure TPS or rate limit features based on this value.

 

Is there a way to accomplish it?

Link to comment
Share on other sites

Hey, Ross.

If you are in the admin guide for bot management here:  https://docs.citrix.com/en-us/citrix-adc/current-release/bot-management/bot-detection.html

Search for "Client IP policy expression for bot detection" for the next section.

 

add bot profile <name> [-clientIPExpression <expression>]

 

So, in the bot management profile, the Client IP Expression field will allow you to identify the way to extract the source IP in a given bot protection profile.

 

Example:  add bot profile profile1 –clientIPExpression 'HTTP.REQ.HEADER("X-Forwarded-For") ALT CLIENT.IP.SRC.TYPECAST_TEXT_T'

 

I can't test this myself but this is the documentation in the admin guide for you.

 

 

 

 

 

 

 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...