Too Many Forwarded IP Addresses
Production Risk
Low — typically only occurs with misconfigured proxy chains or header spoofing attempts.
463 is used by AWS Application Load Balancer to indicate that the X-Forwarded-For header contained too many IP addresses. AWS ALB limits the number of IPs in this header and rejects requests that exceed the limit.
- 1The X-Forwarded-For header has more than the ALB-supported number of IP entries (typically more than 30).
- 2The request passed through many proxy layers or a misconfigured proxy chain that appended excessive IPs.
- 3A client or intermediary is spoofing the X-Forwarded-For header with many IP addresses.
A request routed through many proxies arrives at AWS ALB with a very long X-Forwarded-For header.
GET /api/data HTTP/1.1 Host: myapp.elb.amazonaws.com X-Forwarded-For: 1.1.1.1, 2.2.2.2, 3.3.3.3, ... (30+ IPs)
expected output
HTTP/1.1 463 (AWS ALB rejects the request)
Fix
Trim the X-Forwarded-For header in upstream proxies
WHEN Legitimate proxy chains are building up too many IPs.
# nginx — truncate X-Forwarded-For to last 2 hops proxy_set_header X-Forwarded-For $remote_addr;
Why this works
Resets the X-Forwarded-For chain to just the direct client IP, preventing accumulation.
✕ Do not blindly pass X-Forwarded-For through every proxy
Each proxy appending its own value can exceed the ALB limit.
AWS Application Load Balancer specific. Not a standard IETF code.
AWS Application Load Balancer documentation
https://en.wikipedia.org/wiki/List_of_HTTP_status_codes#463 ↗Content generated with AI assistance and reviewed for accuracy. Found an error? hello@errcodes.dev