Real client IP in the error logs when a server is behind a reverse proxy
Mik J
mikydevel at yahoo.fr
Thu Jun 30 12:56:35 UTC 2022
Hello,
I have a real server placed behing my reverse proxywww server 192.168.1.10 <---> 192.168.1.20 reverse proxy <---> NAT Firewall <---> Interrnet <---> Client on Internet
My configuration on my reverse proxy (192.168.1.20) looks like that location ^~ / {
proxy_pass http://192.168.1.10:80;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Referer "http://app.mydomain.org";
}
My configuration on my www server (192.168.1.10) on the vhost looks like thatserver {
...
access_log /var/log/nginx/mylogs.mydomain.org.access.log xforwardedLog; error_log /var/log/nginx/ mylogs.mydomain.org.error.log;
and in nginx.conf
http {
...
log_format xforwardedLog '$remote_addr forwarded for $http_x_real_ip - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent"';
On my www server 192.168.1.10 I can see the access logs 192.168.1.20 forwarded for 54.38.10x.x - - [30/Jun/2022:13:44:38 +0200] "GET / HTTP/1.0" 200 7112 "http://app.mydomain.org" "Mozilla/1.22 (compatible; MSIE 5.01; PalmOS 3.0) EudoraWeb 2.1"And it works correctly for me because I can see the IP of the user on the Internet
But on the error.log I don't see the IP of the user on the Internet2022/06/28 16:12:27 [error] 45747#0: *11 access forbidden by rule, client: 192.168.1.20, server: app.mydomain.org, request: "GET /.git/config HTTP/1.0", host: " <MY PUBLIC IP>", referrer: "http://app.mydomain.org"So here as you can see in the logs my client 192.168.1.20 is the reverse proxy and not the client on the Internet
So in access logshttp://nginx.org/en/docs/http/ngx_http_log_module.htmlI can get the IP of the Internet use
How can I get the IP of the Internet user when it generates an error log ?
Thank you
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220630/02e6d3f0/attachment.htm>
More information about the nginx
mailing list