This topic describes how to configure header settings with regards to personalization in a CDN environment for Episerver CMS.
How it works
In Content Delivery Networks (CDNs), requests to the web server often come from an edge server and not from the actual client; therefore the HttpContext.Request.UserHostAddress property reflects the edge server's IP address rather than the connecting client's.
When personalizing content based on the client's IP address (for example, geolocation), the content should be based on the client's IP address and not the edge server's.
CDNs forward the connecting client information in the HTTP headers, so to be able to personalize content based on IP address in a CDN, you need to configure the header with true IP (change the header name based on the header sent from the CDN, the header name differs between CDNs):
<appSettings> <add key="episerver:ClientIPAddressHeader" value="True-Client-IP" /> </appSettings>
Using X-Forwarded-For header
Header X-Forwarded-For is supported by most CDNs, this header contains a comma separated list of IP addresses, one for each CDN/proxy that a request passes through. This header is supported by using the same setting.
<appSettings> <add key="episerver:ClientIPAddressHeader" value="X-Forwarded-For" /> </appSettings>
It is possible to specify the number of CDNs/proxies the header is expected to contain. Default value is 1, change this value if more than one CDN or proxy is used.
<appSettings> <add key="episerver:ClientIPAddressProxyCount" value="2" /> </appSettings>
Note: The reason the number of CDNs/proxies has to be specified is to protect against IP spoofing. The setting episerver:ClientIPAddressProxyCount is available as of CMS.Core 9.3.2, in previous versions the default value of 1 cannot be changed.
Retrieving Geographic location
Some CDN providers, such as Cloudflare, also provide a feature where the CDN identifies the geographic location of a visitor and adds the country code in one of the headers passed to the web server. As of version 11.9.0 of CMS, it is now possible to base geographic personalization on this header rather than doing a separate IP lookup using a Geolocation Provider. To enable this feature, you need to specify which header should be used to retrieve the country code.
<appSettings> <add key="episerver:ClientLocationHeader" value="CF-IPCountry" /> </appSettings>
Note that header-based geolocation is only used when no Geolocation provider has been configured and that it is limited to Country and Continent locations. This feature is turned on by default for all Episerver Customer-Centric Digital Experience Platform (DXP) customers.
Last updated: Jun 18, 2018