GoAnywhere Forum

Question:

How do I enable or modify X-Forwarded-For (XFF) headers for my environment? I see that support was added in version 6.4.1.


Answer:

X-Forwarded-For is disabled by default and will need to be turned on in the system properties to properly enable it for the Admin and Web clients. Following the below steps you can enable this property in your environment. If you have a clustered environment, then you will need to do the same steps on each node in the cluster.

1. Navigate to the installation directory of your GoAnywhere MFT and edit the system.properties file found in [install_dir]/GoAnywhere/config
2. Inside the system.properties file you will want to add the respective properties for your Admin and/or Web Client
   • Admin Client: com.linoma.admin.xff.proxyPattern=[REGEX_PATTERN]
   • Web Client: com.linoma.webClient.xff.proxyPattern=[REGEX_PATTERN]
3. Replace “[REGEX_PATTERN]” with a regular expression that encompasses the IP address of the server, or servers, adding the x-forwarded-for header
   • For example, if I wanted to match any 10.X.X.X IP address I would use the following pattern:
   1. Admin Client: com.linoma.admin.xff.proxyPattern=10\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}
   2. Web Client: com.linoma.webClient.xff.proxyPattern=10\\.\\d{1,3}\\.\\d{1,3}\\.\\d{1,3}
4. After adding those properties, save the system.properties file and restart your GoAnywhere MFT instance to apply the changes.

When done, the system.properties should contain these lines and you should see the results in the audit logs.