Incapsula is deployed as a reverse proxy in front of your ASP/.NET application. This means that all traffic coming to your site through Incapsula will be seen as coming from one of Incapsula IPs.
In order to make sure that your application gets the correct user IP you will need to make some modifications to way the IP is extracted.
Unfortunately, we don’t have an ASP/.NET extension yet. However, there are simple online solutions that will do the job.
For ASP/.NET applications you have two options:
1) Modify your code to extract the true visitor IPs:
Incapsula injects a dedicated header to each request that includes the original client IP (INCAP-CLIENT-IP). You should use this header to extract the client IP anywhere in the code where the client IP is referenced.
Usually the IP is extracted with ServerVariables("REMOTE_ADDR") and instead you should use ServerVariables("HTTP_INCAP_CLIENT_IP"). If you do this, make sure that the Incapsula header really exists before making the extraction and otherwise use "REMOTE_ADDR".
You can also extract the IP from the X-Forwarded-For header. See example on how to do this here: http://stackoverflow.com/questions/735350/how-to-get-a-users-client-ip-address-in-asp-net.
2) Use an ISAPI filter to extract the original client IP from the X-Forwarded-For header:
We do not have an Incapsula ISAPI filter yet, but there are public solutions that will work just as good (http://devcentral.f5.com/weblogs/Joe/archive/2009/08/19/x_forwarded_for_log_filter_for_windows_servers.aspx).
This last is dated August 21, 2011. Will you EVER have an ASP/.NET extension that shows the original client IP address?
We have been using arr_helper_x64 linked to in this blog post for a while now on 2012/2012R2: http://blogs.iis.net/anilr/archive/2009/03/03/client-ip-not-logged-on-content-server-when-using-arr.aspx . It has been working very well.
our website written with coldfusion, how we can extracting information from HTTP headers in order to get the client IP?
In case anyone wants to know, IIS 8.5 can natively log X-Forwared-For without any plugins. Same with Apache. Check out this blog post: http://www.bauer-power.net/2017/11/how-to-log-x-forwarded-for-events-in.html