hmpf - with "mod_rpaf" on httpd 2.4 the access-log-ip is correct but the "REMOTE_ADDR" variable in PHP-scripts has the proxy-IP
means i can not upgrade production to 2.4 because "mod_remoteip" will destory usages and "mod_rpaf" security because you have inside php-scripts a LAN address from the proxy "mod_rpaf" on httpd 2.2 replaces for sure ANY place like access-log, error-log and REMOTE_ADDR in scripts with the "X-Forwarded-For" from the trusted apache trafficserver SERVER_ADDR 10.0.0.99 SERVER_PORT 8080 REMOTE_ADDR 10.0.0.103 Am 23.01.2013 18:08, schrieb Reindl Harald: > however: > http://vova-zms.blogspot.co.at/2012/07/install-modrpaf-with-apache-24.html > > patched "mod_rpaf" works with 2.4 but it would be really nice > to have EXACTLY it's behavior in "mod_remoteip" because i see > no way how i sell my customers chaning usages nor can i change > the configuration of logging because a very mixed environement > of vurtual hosts with or without trafficserver > > Am 23.01.2013 17:06, schrieb Reindl Harald: >> hi >> >> LoadModule remoteip_module "modules/mod_remoteip.so" >> RemoteIPHeader X-Forwarded-For >> RemoteIPInternalProxy 127.0.0.1 10.0.0.4 10.0.0.103 91.118.73.4 >> ________________________ >> >> PHP - fine, exactly how it should do: >> _SERVER["SERVER_ADDR"] 10.0.0.99 >> _SERVER["SERVER_PORT"] 8080 >> _SERVER["REMOTE_ADDR"] 10.0.0.99 >> ________________________ >> >> BUT access-log contains the ip of the apache trafficserver >> this is a major problem for replace mod_rafp with mod_remoteip >> because webalizer-usages are more or less useless >> >> 10.0.0.103 - - [23/Jan/2013:17:01:53 +0100] "GET /images/page/tidy_16.gif >> HTTP/1.1" 304 - >> "http://www.test.rh:8080/"; "Mozilla/5.0 (X11; Linux x86_64; rv:18.0) >> Gecko/20100101 Firefox/18.0" (-%)
signature.asc
Description: OpenPGP digital signature
