Find answers, ask questions, and connect with our
community around the world.

Home Forums AWS AWS Certified Advanced Networking – Specialty X-Forwarded-For Header – Possible Answer Error

  • X-Forwarded-For Header – Possible Answer Error

  • milo

    Member
    February 22, 2022 at 1:54 am

    Hi Tutorials Dojo Team!

    I think I may have found an error in the answers to the “Timed Practice Test Set 1” for the Advanced Networking Specialty.

    The question reads:

    There are several publicly-accessible applications that are being developed and maintained by a software development company. Some applications are hosted on Amazon EC2 Dedicated Hosts while others are running in an Auto Scaling group of EC2 instances behind an Application Load Balancer. Amazon CloudFront web distributions with geo-restriction feature enabled are also used to prevent users in specific geographic locations from accessing the site contents. To generate data analytics, the Network Team must get the IP addresses of the users who are visiting these web applications.

    Which of the following are true regarding the process of retrieving the client IP address? (Select THREE.)

    One of the correct options (which I believe is incorrect in its wording) reads:

    The last IP address in the X-Forwarded-For HTTP header is most likely associated with the user’s geographic location. This header typically contains more than one IP address, most of which are for proxies or load balancers.

    Based on my reading, I believe this to be a mistake because the first IP in the header is the originating client IP which should be the one most likely associated with the user’s geographic location.

    In AWS’ and Mozilla’s documentation this appears to be the case (their examples show that IPs after the first are most likely proxies and load balancers):

    1. AWS Documentation: X-Forwarded-For
    2. MDN Documentation about X-Forwarded-For

    Please let me know if this is indeed an error with the wording of the answer.

    Thanks!

  • Tutorials-Dojo

    Administrator
    March 29, 2022 at 6:39 pm

    Hi Milo,

    Thank you for posting your message. First of all, we would like to apologize for our late response.

    Regarding the X-Forwarded-For header, you can take a look at this statement from the official AWS documentation which mentions that the LAST IP address is the one most likely to be associated with the user’s geographic location.


    • If your web server is connected to the internet through a load balancer, a web server variable might contain the IP address of the load balancer, not the IP address of the user. In this configuration, we recommend that you use the last IP address in the X-Forwarded-For
      HTTP header. This header typically contains more than one IP address, most of which are for proxies or load balancers. The last IP address in the list is the one most likely to be associated with the user’s geographic location.

    Reference:
    https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/georestrictions.html

    Regards,

    Jon Bonso @ Tutorials Dojo

Viewing 1 - 2 of 2 replies

Log in to reply.

Original Post
0 of 0 posts June 2018
Now