Apache mod_remoteip and access logs

Question

Since Apache 2.4 I've started using mod_remoteip instead of mod_extract_forwarded for rewriting client address from x-forwarded-for provided by frontend servers (varnish, squid, apache etc).

So far everything works fine with the modules, i.e. php, cgi, wsgi etc... - client addresses are shown as they should be, but I couldn't write client address in access logs (%a, %h, %{c}a). No luck - I'm always getting 127.0.0.1 (localhost forward ex.).

How to log client's ip address when using mod_remoteip?

Update: IT WORKS O_O - see answer below

you might want to add the specific config you use/tested. Additionally, while not in details, this might help: knowledgevoid.com/blog/2012/01/13/… I assume you did read httpd.apache.org/docs/trunk/mod/mod_remoteip.html#page-header aswell? stackexchange has a few questions you might want to read: stackoverflow.com/questions/25455731/… — Dennis Nolte
– Dennis Nolte, Commented Aug 25, 2014 at 10:34

GioMac · Accepted Answer · 2014-08-25 22:46:56Z

varnish configuration:

if (req.restarts == 0) { if (req.http.X-Forwarded-For) { set req.http.X-Forwarded-For = req.http.X-Forwarded-For + ", " + client.ip; } else { set req.http.X-Forwarded-For = client.ip; } }

apache 2.4 configuration sections:

mod_remoteip:

RemoteIPHeader X-Forwarded-For RemoteIPInternalProxy 127.0.0.1/8

logging (%a does the job):

LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

+

if there is a nginx in front (ex. SSL termination):

server { listen 123.123.123.123:443; server_name server.com; root html; ssl on; ssl_certificate /etc/pki/httpd/site/chain.crt; ssl_certificate_key /etc/pki/httpd/site/private.key; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers HIGH:!aNULL:!MD5; ssl_prefer_server_ciphers on; location / { proxy_pass http://127.0.0.1:6081; proxy_set_header Host $http_host; proxy_pass_header Server; proxy_set_header X-Forwarded-For $remote_addr; } }

If you accept this answer, you should award the bounty, even if it's your own answer. — mc0e
– mc0e, Commented Aug 31, 2014 at 6:36
Would you please update this, or give us the variation for http.cf-connecting-ip from CloudFlare? Have not had any luck making it to work, sorry. — Ruslan Abuzant
– Ruslan Abuzant, Commented Mar 9, 2016 at 17:14
You should actually use $proxy_add_x_forwarded_for instead of $remote_addr for Nginx X-Forwarded-For. That does the same functionality as the Varnish example, whereas $remote_addr doesn't include previous X-Forwarded-For values — Andy
– Andy, Commented Aug 10, 2017 at 18:11

Sgaduuw · Accepted Answer · 2014-08-25 10:30:17Z

According to mod_remoteip's documentation, the module should simply replace the client IP address, but only when RemoteIPHeader x-forwarded-for is set (doc). Also make sure, your vhost's logging makes use of the CustomLog you have defined.

this should be accepted answer

Chang Zhao
– Chang Zhao

2021-10-15 20:21:02 +00:00
Commented Oct 15, 2021 at 20:21 — Chang Zhao
– Chang Zhao, Commented Oct 15, 2021 at 20:21

Stack Exchange Network

Apache mod_remoteip and access logs

2 Answers 2

You must log in to answer this question.

Hot Network Questions

Apache mod_remoteip and access logs

2 Answers 2

You must log in to answer this question.

Related

Hot Network Questions