GeoIP Tracking in MongoDB and Forward Request HTTP Header

When we load balance your web site at layer 7, it will become non-transparent. This means that the actual client source IP address is replaced by the load balancer’s own IP address, and therefore ONLY this address will be recorded in the IIS logs. One way around this is to insert X-Forwarded-For headers on the load balancer to track the actual client source IP address. IIS can then be reconfigured to make this data available in the logs.

Due to this GeoIP tracker cant read the actual IPs cause load balancer hides the actual IPs and in the  IIS log files we see that most of all client requests were coming from the IP addresses like following:
172.31.1.9
172.31.1.8
172.31.1.11

As a result, the unknown country/city is displayed.

Usually, in such cases the following setting from Sitecore.Analytics.Tracking.config is used:
 <!–  ANALYTICS FORWARDED REQUEST HTTP HEADER
      Specifies the name of an HTTP header variable containing the IP address of the
      webclient. Only for use behind load-balancers that mask web client IP addresses from
       webservers.
       IMPORTANT: If this setting is used incorrectly, it allows IP address spoofing.
       Typical values are “X-Forwarded-For” and “X-Real-IP”.
       Default value: “” (disabled)
 –>
      <setting name=”Analytics.ForwardedRequestHttpHeader” value=”” />
However, the setting value may differ for various load balancers.
If the F5 under load balancer is configured to forward the source IP as “X-forwarded-For”, the above setting must have a respective values else “X-Real-IP”.
To read more about Forwarded Request HTTP Headers, please visit:
Hope it helps.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Powered by WordPress.com.

Up ↑

%d bloggers like this: