Real client IP in the error logs when a server is behind a reverse proxy

Mik J mikydevel at
Thu Jun 30 12:56:35 UTC 2022

I have a real server placed behing my reverse proxywww server <---> reverse proxy <---> NAT Firewall <---> Interrnet <---> Client on Internet
My configuration on my reverse proxy ( looks like that     location ^~ / {
        proxy_pass    ;
        proxy_redirect          off;
        proxy_set_header        Host                    $http_host;
        proxy_set_header        X-Real-IP               $remote_addr;
        proxy_set_header        X-Forwarded-For         $proxy_add_x_forwarded_for;
        proxy_set_header        Referer                 "";

My configuration on my www server ( on the vhost looks like thatserver {
        access_log /var/log/nginx/ xforwardedLog;        error_log /var/log/nginx/;
and in nginx.conf
http {
log_format  xforwardedLog   '$remote_addr forwarded for $http_x_real_ip - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent"';

On my www server I can see the access logs forwarded for 54.38.10x.x - - [30/Jun/2022:13:44:38 +0200] "GET / HTTP/1.0" 200 7112 "" "Mozilla/1.22 (compatible; MSIE 5.01; PalmOS 3.0) EudoraWeb 2.1"And it works correctly for me because I can see the IP of the user on the Internet
But on the error.log I don't see the IP of the user on the Internet2022/06/28 16:12:27 [error] 45747#0: *11 access forbidden by rule, client:, server:, request: "GET /.git/config HTTP/1.0", host: " <MY PUBLIC IP>", referrer: ""So here as you can see in the logs my client is the reverse proxy and not the client on the Internet
So in access logs can get the IP of the Internet use
How can I get the IP of the Internet user when it generates an error log ?
Thank you

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the nginx mailing list