After you add your website to Anti-DDoS Proxy, you can select Enable Traffic Mark to include originating ports of clients, originating IP addresses of clients, or custom HTTP headers in the back-to-origin requests that Anti-DDoS Proxy forwards to your origin server. This allows the backend servers to perform statistical analysis on the back-to-origin requests in an efficient manner. This topic describes how to mark the back-to-origin requests that Anti-DDoS Proxy forwards to your origin server.
Prerequisites
Your website is added to Anti-DDoS Proxy. For more information, see Add one or more websites.
Procedure
Log on to the Anti-DDoS Proxy console.
In the top navigation bar, select the region of your instance.
Anti-DDoS Proxy (Chinese Mainland): If your instance is an Anti-DDoS Proxy (Chinese Mainland) instance, select Chinese Mainland.
Anti-DDoS Proxy (Outside Chinese Mainland): If your instance is an Anti-DDoS Proxy (Outside Chinese Mainland) instance, select Outside Chinese Mainland.
In the left-side navigation pane, choose .
Find the website whose configurations you want to modify and click Edit in the Actions column.
In the Forwarding Settings step, Select Enable Traffic Mark and configure the parameters.
Originating Port
The name of the HTTP header that contains the originating port of the client.
In most cases, the
X-Forwarded-ClientSrcPortheader is used to record the originating port of the client. If you use a custom header to record the originating port of the client, specify the custom header for Originating Port. After Anti-DDoS Proxy forwards back-to-origin requests to your origin server, your origin server parses the custom header to obtain the originating port of the client. The steps to obtain the originating port of the client are similar to the steps to obtain the originating IP address of the client. For more information, see Obtain the originating IP addresses of requests.Originating IP Address
The name of the HTTP header that contains the originating IP address of the client.
In most cases, the
X-Forwarded-Forheader is used to record the originating IP address of the client. If you use a custom header to record the originating IP address of the client, specify the custom header for Originating IP Address. After Anti-DDoS Proxy forwards back-to-origin requests to your origin server, your origin server parses the custom header to obtain the originating IP address of the client.Custom Header
You can add custom HTTP headers to requests that pass Anti-DDoS Proxy to mark the requests. To add custom HTTP headers, specify header names and values. After you create custom headers, Anti-DDoS Proxy adds the custom headers to the back-to-origin requests. This way, the backend servers can perform statistical analysis on the back-to-origin requests.
Do not use the following default headers as custom headers:
X-Forwarded-ClientSrcPort: This header is used to obtain the originating ports of clients that access Anti-DDoS Proxy (a Layer 7 proxy).X-Forwarded-ProxyPort: This header is used to obtain the ports of listeners that access Anti-DDoS Proxy (a Layer 7 proxy).X-Forwarded-For: This header is used to obtain the originating IP addresses of clients that access Anti-DDoS Proxy (a Layer 7 proxy).
Do not use standard HTTP headers (such as Host, User-Agent, Connection, and Upgrade) or widely-used custom HTTP headers (such as X-Real-IP, X-True-IP, X-Client-IP, Web-Server-Type, WL-Proxy-Client-IP, EagleEye-RPCID, EagleEye-TraceID, X-Forwarded-Cluster, and X-Forwarded-Proto). If you use the above headers, the original headers are overwritten.
You can add up to five custom HTTP headers.
Click Next and follow the on-screen instructions to complete the modification.