mod_rpaf enabled; still apache log showing 127.0.0.1 as source !!

Axel ar at xlrs.de
Mon Apr 28 13:42:10 UTC 2014


You only need one.

If you use mod_rpaf you have need to configure it like Maxim told you. 
If you change your common logformat to log x-forwarded-for headers you 
don't need mod_rpaf

regards, Axel

On 2014-04-28 16:13, Joydeep Bakshi wrote:
> Even IP get logged when disable the rpaf !!!
> little confused.
> 
> On Mon, Apr 28, 2014 at 7:36 PM, Joydeep Bakshi
> <joydeep.bakshi at netzrezepte.de> wrote:
> 
>> Hello Axel & Maxim,
>> 
>> I have modified the apache log format as below
>> 
>> LogFormat "%{X-Forwarded-For}i %l %u %t "%r" %>s %b "%{Referer}i"
>> "%{User-Agent}i"" common
>> 
>> and get the source IP at /var/log/apache/access.log  
>> 
>> I wonder if I there is any scope to add more info in the common log
>> as it is a production server. And also need the same for ErrorLog
>> too.
>> 
>> Any suggestion ?
>> 
>> Thanks
>> 
>> On Mon, Apr 28, 2014 at 7:25 PM, Maxim Dounin <mdounin at mdounin.ru>
>> wrote:
>> 
>>> Hello!
>>> 
>>> On Mon, Apr 28, 2014 at 07:03:28PM +0530, Joydeep Bakshi wrote:
>>> 
>>>> Hello list,
>>>> 
>>>> To get the wan IP in apache log I have already enabl mod_rapf
>>> in opensude
>>>> server.
>>>> 
>>>> # a2enmod rpaf mod_rpaf
>>>> "rpaf" already present
>>>> 
>>>>  a2enmod  mod_rpaf
>>>> "mod_rpaf" already present
>>>> 
>>>> Here is a nginx vhost section for passing IP to apache log
>>>> 
>>>> [......]
>>>>   proxy_redirect off; # Do not redirect this proxy - It needs
>>> to be
>>>> pass-through
>>>>   proxy_set_header Host $host;
>>>>   proxy_set_header X-Real-IP $remote_addr;
>>>>   proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
>>>>   proxy_set_header X-Server-Address $server_addr;
>>>>   proxy_pass_header Set-Cookie;
>>>> [......]
>>>> 
>>>> After restarting both apache and nginx, the apache log for that
>>> specific
>>>> vhost still showing 127.0.0.1 as source IP at apache log.
>>>> 
>>>> Am I missing something ?
>>> 
>>> Most notably, you've missed configuration of mod_rpaf.  It needs
>>> to be enabled in configuration, and you have to at least
>>> configure
>>> IP address it will accept headers from, as well as a header to
>>> look into.
>>> 
>>> http://www.stderr.net/apache/rpaf/ [1]
>>> 
>>> --
>>> Maxim Dounin
>>> http://nginx.org/ [2]
>>> 
>>> _______________________________________________
>>> nginx mailing list
>>> nginx at nginx.org
>>> http://mailman.nginx.org/mailman/listinfo/nginx [3]
> 
> 
> 
> Links:
> ------
> [1] http://www.stderr.net/apache/rpaf/
> [2] http://nginx.org/
> [3] http://mailman.nginx.org/mailman/listinfo/nginx
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx



More information about the nginx mailing list