When working with web applications behind a reverse proxy or a load balancer, it becomes crucial to log the original IP address of the client, rather than the IP of the proxy. The X-Forwarded-For HTTP header is a standard solution to address this challenge, allowing the original IP address of a client connecting to a web server through an HTTP proxy or a load balancer to be captured and logged.
Apache, as a popular web server, can be configured to capture the X-Forwarded-For header value, providing better transparency about the traffic sources.
Many web servers and reverse proxies (like Nginx or HAProxy) automatically add this header. This guide will walk you through the process of ensuring that the Apache web server logs the X-Forwarded-For header value correctly.
$ sudo nano /etc/apache2/apache2.conf
Location might vary depending on your OS and Apache installation.
LogFormat "%h %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i" "%{X-Forwarded-For}i"" combined
CustomLog ${APACHE_LOG_DIR}/access.log combined
$ sudo systemctl reload apache2
Command may vary based on your operating system and Apache version. It's generally a good idea to use reload instead of restart to apply configuration changes without dropping connections.
$ tail /var/log/apache2/access.log
Check the last lines of the log file to see recent access records and verify if X-Forwarded-For IP is correctly logged.
By following these steps, you'll ensure that Apache correctly logs the original client IP address, providing clearer insights into your traffic sources and assisting in troubleshooting or monitoring tasks.
Comment anonymously. Login not required.