On Sat, Apr 08, 2017 at 08:48:43PM +0200, Thuban wrote: > Hello, > I use relayd to deal with HTTP headers as suggested here [1]. > My problem is that in httpd logs, the origin IP is 127.0.0.1 and thats > not very handy to track bruteforce attacks (in example). > > Do you have any advice to keep the visitor IP in logs ? > > [1] : > https://github.com/reyk/httpd/wiki/Using-relayd-to-add-Cache-Control-headers-to-httpd-traffic > -- > :thuban: >
Hey, It's commonly done by adding a X-Forwarded-For header with the origin IP. >From the relayd.conf(5) man page: http protocol "https" { match header append "X-Forwarded-For" \ value "$REMOTE_ADDR" match header append "X-Forwarded-By" \ value "$SERVER_ADDR:$SERVER_PORT" ... snip snip ... } I hope this helps you, -- Kind regards, Hiltjo