Bug ID 738197: IP address from XFF header is not taken into account when there are trailing spaces after IP address

Last Modified: Sep 14, 2023

Affected Product(s):
BIG-IP ASM, AVR(all modules)

Known Affected Versions:
13.1.0,,,,,,,,, 13.1.1,,,, 14.0.0,,,,,, 14.0.1,, 14.1.0,,,,,, 14.1.2,,,,,,,,, 14.1.3,, 14.1.4,,,,,,, 14.1.5,,,,,

Fixed In:

Opened: Jul 25, 2018

Severity: 3-Major


X-FORWARDED-FOR (XFF) header is ignored by BIG-IP ASM even though usage of XFF is enabled in HTTP profile. In DoS statistics, the original source IP is reported (instead of one taken from XFF).


Source IP is not reported as expected in all BIG-IP reports.


There are spaces after IP address in the XFF header.


Configure the proxy server to not add trailing spaces after the IP address in the XFF header.

Fix Information

Trailing spaces are now ignored when extracting IP addresses from XFF headers in AVR.

Behavior Change

Guides & references

K10134038: F5 Bug Tracker Filter Names and Tips