True IP Extraction

How to verify that the IP being detected is the true IP of the client making the request to your application

The Integration tab provides details on each stage of the on-boarding process, and allows you to monitor the process step-by-step.

PerimeterX detection is based on the True IP of the traffic. In order to properly detect traffic on your site, PerimeterX must be able to detect the true IP of the client making the request on your application. The True IP Extraction Configuration allows you to configure and then test whether the extraction integration is working, and allows you to add new endpoints to test, and new headers to be included in the IP Extraction configuration and testing. The True IP Extraction tool can extract true IPs from both IPv4 and IPv6.

To test the True IP Extraction Integration:

  1. Select which application to configure and test.
  2. Enter the HTTP headers that may contain the True IP. The headers should be sorted according to the likelihood that they contain the True IP (from most likely to least likely). You can drag and drop the headers to order them according to the likelihood that they contain the True IP.
  3. Click Add Header to add additional headers to include in the IP Extraction test and to the extraction process and integration.
  • A header can include a lot of data separated by a ";" (no spaces), and optionally, an index in the header referring to a specific section in the header (numbers only, starting with 1).
  • Advanced Configuration allows you to add a condition that if the header has a value of X then the True IP appears in Header Y Index Z. Conditional headers should be placed first in order to shorten the order of the header flow.
  1. Specify all possible endpoints for server requests to test.
  • Click +Add endpoint to add a new endpoint.
  1. Click Test.
    The results of the True IP Extraction Test display the status of each domain that was tested, as well as the details of the status. When PerimeterX found the True IP in one of the defined headers, a success message is shown. When PerimeterX found a different IP than expected in the header definition, an error message is shown.
  2. Click Apply Changes to save the order of the headers and content of the headers to Production.
    The list of most recently tested endpoints is saved per application even when the changes have been applied in Production.

Did this page help you?