Simon Willison’s Weblog

24th June 2008 - Link Blog

mod_rpaf for Apache. A more secure alternative to Django’s equivalent middleware: sets the REMOTE_ADDR of incoming requests from whitelisted load balancers to the X-Forwarded-For header, without any risk that if the load balancers are missing attackers could abuse it to spoof their IP addresses.

Posted 24th June 2008 at 5:02 pm

Recent articles

Porting the Moebius 0.2B image inpainting model to run in the browser with Claude Code - 22nd June 2026
sqlite-utils 4.0rc1 adds migrations and nested transactions - 21st June 2026
Datasette Apps: Host custom HTML applications inside Datasette - 18th June 2026

This is a link post by Simon Willison, posted on 24th June 2008.

apache 37 django 588 http 124 load-balancing 13 middleware 13 modrpaf 1 rpaf 1 security 612 xforwardedfor 1

Monthly briefing

Sponsor me for $10/month and get a curated email digest of the month's most important LLM developments.

Pay me to send you less!

Sponsor & subscribe