Cloud Server with Windows Server operating system

If the IIS is behind a load balancer, the actual IP of the user is overwritten by the IP of the load balancer. The log file of the IIS web server now only contains the address of the load balancer. To determine the user IP when accessing a web server through a proxy or load balancer, you must evaluate the"X-Forwarded For" header entry in the HTTP protocol. For this purpose, install and activate the IIS extension "Advanced Logging":


You have logged on to the server as administrator.

Please Note

For technical reasons, this manual only works for unencrypted connections!

  • Install the IIS extension Advanced Logging on your web servers.

  • Open the (IIS) Manager

  • In the left navigation bar, under Connections, select the server or site for which you want to change the logging settings.

  • In the IIS area, double-click Advanced Logging.

  • In the right navigation bar, in the Actions section, click Edit Log Fields.

  • Click Add Field... 

    The Add Logging Field window appears.

  • In the Field ID field, enter Forwarded-For.

  • In the Category field, enter Default.

  • In the Source type field, enter Request header.

  • In the Source name field, enter X-Forwarded-For.

  • Click OK.

  • Click OK.

  • Select the protocol definition %COMPUTERNAME% Server.

  • In the Actions section of the right navigation bar, click Edit Log Definition.

  • In the Selected Fields area, click Select fields...

  • Enable the Forwarded-For entry.

  • Click OK.

  • Click Apply in the Actions area of the right navigation.

  • In the left navigation bar of the (IIS) Manager, in the Connections area, select the appropriate server.

  • In the IIS area, double-click Advanced Logging.

  • In the right-hand navigation bar, in the Actions area, click Enable Advanced Logging.

Advanced Logging is now activated.