Real client IP in the error logs when a server is behind a reverse proxy
Mik J
mikydevel at yahoo.fr
Thu Jun 30 22:40:15 UTC 2022
Thank you for your answers,
Matthew, I use Openbsd
Nanaya, I tried your solution and it worked. I had to readapt a bit my configuration (removed xforwardedLog) so that my access_log is formated without duplicate IPs.
Regards
Le jeudi 30 juin 2022 à 17:17:01 UTC+2, nanaya <me at nanaya.pro> a écrit :
Hello,
You need to set the reverse proxy ip in the www server:
https://nginx.org/r/set_real_ip_from
Also note this will replace $remote_addr with the value from X-Real-IP header (the original value is in $realip_remote_addr).
On Thu, Jun 30, 2022, at 21:56, Mik J via nginx wrote:
> Hello,
>
> My configuration on my www server (192.168.1.10) on the vhost looks like that
> server {
> ...
> access_log /var/log/nginx/mylogs.mydomain.org.access.log xforwardedLog;
> error_log /var/log/nginx/ mylogs.mydomain.org.error.log;
>
> and in nginx.conf
> http {
> ...
> log_format xforwardedLog '$remote_addr forwarded for $http_x_real_ip
> - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent '
> '"$http_referer" "$http_user_agent"';
>
> On my www server 192.168.1.10 I can see the access logs
> 192.168.1.20 forwarded for 54.38.10x.x - - [30/Jun/2022:13:44:38 +0200]
> "GET / HTTP/1.0" 200 7112 "http://app.mydomain.org" "Mozilla/1.22
> (compatible; MSIE 5.01; PalmOS 3.0) EudoraWeb 2.1"
> And it works correctly for me because I can see the IP of the user on
> the Internet
>
> But on the error.log I don't see the IP of the user on the Internet
> 2022/06/28 16:12:27 [error] 45747#0: *11 access forbidden by rule,
> client: 192.168.1.20, server: app.mydomain.org, request: "GET
> /.git/config HTTP/1.0", host: " <MY PUBLIC IP>", referrer:
> "http://app.mydomain.org"
> So here as you can see in the logs my client 192.168.1.20 is the
> reverse proxy and not the client on the Internet
>
> So in access logs
> http://nginx.org/en/docs/http/ngx_http_log_module.html
> I can get the IP of the Internet use
>
> How can I get the IP of the Internet user when it generates an error log ?
>
_______________________________________________
nginx mailing list -- nginx at nginx.org
To unsubscribe send an email to nginx-leave at nginx.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220630/62b0ee7f/attachment.htm>
More information about the nginx
mailing list