Web server returns webpage from wrong country

book

Article ID: 168384

calendar_today

Updated On:

Products

Web Security Service - WSS

Issue/Introduction

Many websites offer localized pages to deliver content to the user that is specific to that user's region.  Sometimes users may inadvertently receive data pages localized for a different country and language.

Cause

Probable Cause I
When the site you're going to has geo-located your physical location incorrectly you could be redirected to the "presumed" closer or correct webserver. If the server is checking its own database or querying another for origination location and the information is outdated, this can cause the problem of seeing the wrong and/or expected page. IP blocks are registered to different countries and this registration information is used by the webserver to determine what page to deliver to the end user.

Probable Cause II
Another cause for this is when blocks from the public IP address space is used internally as opposed to using the private IP address ranges. If you're using public IP addresses for your internal network always confirm that the address ranges are specific to your country of origin. In an environment where the addresses are NAT'd, X-Fowarded-For information in the http header "might" be added for internal addresses. Some websites look at the header information and make decisions based upon the IP address and RIR (registries).

Resolution

Change internal (private) address scheme to use only IP addresses in the private ranges
Or
Disable X-Forwarded-For in your edge/proxy devices.