Origin Client Source Identification

Only applicable to MetaDefender Core version 4.19.0 or above.

By default, when triggering scan from client through a load balancer or proxy server, MetaDefender Core’s Nginx web server will not identify the original client source (but the load balancer or proxy server’s address instead).

In order to force Nginx web server to trace back the origin client source:

1.) Create a “extra.conf” file

  • On Windows, under <Installation Directory>\nginx\

  • On Linux, under /etc/ometascan/nginx.d/

real_ip_header X-Forwarded-For;
real_ip_recursive on;

Make sure to change “” to your actual load balancer or proxy server address.

2.) A restart of the “OPSWAT Metadefender Core” service is required.