When placing apache web servers behind a load-balancing proxy like the Nginx or Haproxy or behind a caching proxy like Squid or a BlueCoat proxy, the client IP address from the browser is replaced with the IP address of the load-balancer/proxy. A custom HTTP request header was developed by the squid development team, the X-Forwarded-For header, which has evolved into an industry standard. Systems supporting the X-Forwarded-For header read the IP address, insert it into the X-Forwarded-For header, and pass it along upstream in the http request. Apache and Tomcat can log this address in the server’s access logs but will only do so for those requests that have passed through the proxy. If you send a request directly to your apache server, for testing purposes or monitoring, the IP address will not show up in the logs. If you still want to be able to log the client ip address for systems accessing your server’s directly, this article will help you to log the client ip in apache access log.
In this article I will display how to logged actual client IP address in apache access log.
Log Client IP AND X-Forwarded-For IP in Apache
To extract and log the actual client IP address from the X-Forwarded-For header of a request using an Apache server, make the following changes to the server.
1. Log into the Apache server.
2. Go to /etc/httpd/conf or /usr/local/apache2/conf path and open the file httpd.conf.
3. Search for the string: “LogFormat “%h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”” combined”
4. Change the %h to %{X-Forwarded-For}i. The string now appears like below.
“LogFormat “%{X-Forwarded-For}i %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”” combined”
5. Save the file and restart apache or httpd.
# /etc/init.d/apache restart OR # /etc/init.d/httpd restart
If you find this tutorial helpful please share with your friends to keep it alive. For more helpful topic browse my website www.looklinux.com. To become an author at LookLinux Submit Article. Stay connected to Facebook.
Leave a Comment