In Content Delivery Networks (CDNs), requests to the web server often come from an edge server and not from the actual client; therefore the HttpContext.Request.UserHostAddress property reflects the edge server's IP address rather than the connecting client's.
When personalizing content based on the client's IP address (for example, geolocation), the content should be based on the client's IP address and not the edge server's.
CDNs forward the connecting client information in the HTTP headers, so to be able to personalize content based on IP address in a CDN, you need to configure the header with true IP (change the header name based on the header sent from the CDN, the header name differs between CDNs):
<appSettings> <add key="episerver:ClientIPAddressHeader" value="True-Client-IP" /> </appSettings>
Header X-Forwarded-For is supported by most CDNs, this header contains a comma separated list of IP addresses, one for each CDN/proxy that a request passes through. This header is supported by using the same setting.
<appSettings> <add key="episerver:ClientIPAddressHeader" value="X-Forwarded-For" /> </appSettings>
You can specify the number of CDNs/proxies the header is expected to contain. Default value is 1, change this value if more than one CDN or proxy is used.
<appSettings> <add key="episerver:ClientIPAddressProxyCount" value="2" /> </appSettings>
The reason the number of CDNs/proxies has to be specified is to protect against IP spoofing. The setting episerver:ClientIPAddressProxyCount is available as of CMS.Core 9.3.2, in previous versions the default value of 1 cannot be changed.
Some CDN providers, such as Cloudflare, also provide a feature where the CDN identifies the geographic location of a visitor and adds the country code in one of the headers passed to the web server. As of version 11.9.0 of CMS, it is now possible to base geographic personalization on this header rather than doing a separate IP lookup using a Geolocation Provider. To enable this feature, you need to specify which header should be used to retrieve the country code.
<appSettings> <add key="episerver:ClientLocationHeader" value="CF-IPCountry" /> </appSettings>
Header-based geolocation is only used when no Geolocation provider has been configured and that it is limited to Country and Continent locations. This feature is turned on by default for all Optimizely Digital Experience Platform (DXP) customers.
Updated 3 months ago