ASVS Requirement 15.3.4

• Level: 2
• Chapter: V15 Secure Coding and Architecture
• Section: V15.3 Defensive Coding
• Source: 0x24-V15-Secure-Coding-and-Architecture.md

Description

Verify that all proxying and middleware components transfer the user's original IP address correctly using trusted data fields that cannot be manipulated by the end user, and the application and web server use this correct value for logging and security decisions such as rate limiting, taking into account that even the original IP address may not be reliable due to dynamic IPs, VPNs, or corporate firewalls.