Are you behind a load balancer/reverse proxy? It sounds like you just want to
change your LogFormat in the httpd.com, something like
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\"
\"%{User-Agent}i\"" reverseproxy
Then in your custom log
CustomLog /xxxx/access.log reverseproxy
From: Rajeev Prasad [mailto:[email protected]]
Sent: Tuesday, September 25, 2012 12:07 AM
To: [email protected]
Subject: Re: [users@httpd] wrong IP address in apache logs
thx. i looked up the environment variables coming in from browser, and i see
this:
HTTP_VIA: 1.1 some_other_PROXY_FQDN:8080 (squid/2.7.STABLE7), 1.0
my_browser_PROXY_FQDN:8080 (squid/2.6.STABLE22)
HTTP_X_FORWARDED_FOR: <right_IP_of_accessing_PC>, <IP_of_proxy>
PATH: /usr/local/bin:/usr/bin:/bin
QUERY_STRING:
REMOTE_ADDR: <wrong_IP_of_some_unrelated_server>
REMOTE_PORT: 15930
I would also mention that, another website running on same box, using mysql
authentication, is registering correct IPs in the log.
Another thing to note is: yet another virtual website on the same box, using
external authentication - was - also recording the right IP !!!
somehow it seems only this website is not recording the right IP.....
I read that link, but did not understand much.
my issue is how to get right IP in the server logs?
pl advice.
ty.
Rajeev
_____
From: John Karr <[email protected]>
To: [email protected]
Sent: Monday, September 24, 2012 9:51 PM
Subject: RE: [users@httpd] wrong IP address in apache logs
You may want to look at: reverse proxy add forward module for Apache
(mod_rpaf). It cleaned up a big headache for me. You define a list of your
possible proxy sources and what your x-forwarded header is, and it just takes
care of it. The developer’s site is http://stderr.net/apache/rpaf/
Although maintained outside the Apache Project it has been available in Ubuntu
since at least Hardy. (package name: libapache2-mod-rpaf). Also since 10.10 is
no longer supported, you’ll need to upgrade your system to install any
packages.
From: Rajeev Prasad [mailto:[email protected]]
Sent: Monday, September 24, 2012 7:49 PM
To: apache list
Subject: [users@httpd] wrong IP address in apache logs
Hello,
I am using authentication from another site in intranet (redirect user), but i
am expecting the user's PC IP in the apache logs. I am not seeing that, I
sometimes see VPN IP (when I come over VPN) or IP of a server, which is
entirely different hardware. has no connection to mine.
can anyone help understand and resolve this issue? None of the users coming to
site show their PC IP address in log. I want to fix this ASAP.
server: ubuntu 10.10
apache: 2.2.16
I have following in my site config, in virtual host config:
ErrorLog ${APACHE_LOG_DIR}/mywebsite.error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/mywebsite.access.log combined
ty.
