Real client IP in the error logs when a server is behind a reverse proxy
Matthew J Black
duluxoz at gmail.com
Thu Jun 30 12:59:28 UTC 2022
What linux distro is NginX running on?
PEREGRINE IT Signature
*Matthew J BLACK*
M.Inf.Tech.(Data Comms)
MBA
B.Sc.
MACS (Snr), CP, IP3P
When you want it done /right/ ‒ the first time!
Phone: +61 4 0411 0089
Email: matthew at peregrineit.net <mailto:matthew at peregrineit.net>
Web: www.peregrineit.net <http://www.peregrineit.net>
View Matthew J BLACK's profile on LinkedIn
<http://au.linkedin.com/in/mjblack>
This Email is intended only for the addressee. Its use is limited to
that intended by the author at the time and it is not to be distributed
without the author’s consent. You must not use or disclose the contents
of this Email, or add the sender’s Email address to any database, list
or mailing list unless you are expressly authorised to do so. Unless
otherwise stated, PEREGRINE I.T. Pty Ltd accepts no liability for the
contents of this Email except where subsequently confirmed in
writing. The opinions expressed in this Email are those of the author
and do not necessarily represent the views of PEREGRINE I.T. Pty
Ltd. This Email is confidential and may be subject to a claim of legal
privilege.
If you have received this Email in error, please notify the author and
delete this message immediately.
On 30/06/2022 22:56, Mik J via nginx wrote:
> Hello,
>
> I have a real server placed behing my reverse proxy
> www server 192.168.1.10 <---> 192.168.1.20 reverse proxy <---> NAT
> Firewall <---> Interrnet <---> Client on Internet
>
> My configuration on my reverse proxy (192.168.1.20) looks like that
> location ^~ / {
> proxy_pass http://192.168.1.10:80;
> proxy_redirect off;
> proxy_set_header Host $http_host;
> proxy_set_header X-Real-IP $remote_addr;
> proxy_set_header X-Forwarded-For
> $proxy_add_x_forwarded_for;
> proxy_set_header Referer "http://app.mydomain.org";
> }
>
>
> My configuration on my www server (192.168.1.10) on the vhost looks
> like that
> server {
> ...
> access_log /var/log/nginx/mylogs.mydomain.org.access.log
> xforwardedLog;
> error_log /var/log/nginx/ mylogs.mydomain.org.error.log;
>
> and in nginx.conf
> http {
> ...
> log_format xforwardedLog '$remote_addr forwarded for $http_x_real_ip
> - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent '
> '"$http_referer" "$http_user_agent"';
>
> On my www server 192.168.1.10 I can see the access logs
> 192.168.1.20 forwarded for 54.38.10x.x - - [30/Jun/2022:13:44:38
> +0200] "GET / HTTP/1.0" 200 7112 "http://app.mydomain.org"
> "Mozilla/1.22 (compatible; MSIE 5.01; PalmOS 3.0) EudoraWeb 2.1"
> And it works correctly for me because I can see the IP of the user on
> the Internet
>
> But on the error.log I don't see the IP of the user on the Internet
> 2022/06/28 16:12:27 [error] 45747#0: *11 access forbidden by rule,
> client: 192.168.1.20, server: app.mydomain.org, request: "GET
> /.git/config HTTP/1.0", host: " <MY PUBLIC IP>", referrer:
> "http://app.mydomain.org"
> So here as you can see in the logs my client 192.168.1.20 is the
> reverse proxy and not the client on the Internet
>
> So in access logs
> http://nginx.org/en/docs/http/ngx_http_log_module.html
> I can get the IP of the Internet use
>
> How can I get the IP of the Internet user when it generates an error log ?
>
> Thank you
>
>
>
>
> _______________________________________________
> nginx mailing list --nginx at nginx.org
> To unsubscribe send an email tonginx-leave at nginx.org
--
This email has been checked for viruses by Avast antivirus software.
https://www.avast.com/antivirus
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220630/282a1f60/attachment.htm>
More information about the nginx
mailing list