Difference between revisions of "Install mod extact forward - Show Real IP behind Proxy"

Revision as of 19:57, 29 January 2014

How to Show the Real IP when Behind a Proxy

If you are using a load-balancing proxy such as squid, apache itself or caching such as Varnish, you will only find the proxy’s IP in your apache’s access/error logs. One way to fix this issue is to install mod_extract_forwarded which is in the EPEL repo.

Lets first install the EPEL repo.

wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -Uvh epel-release-6*.rpm

Now you can use yum to install mod_extract_forwarded.

 yum install mod_extract_forwarded

Be sure to enter only the IP address of YOUR load-balancing proxy, no other proxies or even all proxies, otherwise you could find many fake IP addresses in your logs. I am using Varnish Cache with the internal ipaddress of 127.0.0.2.

Now you need to add the proxy ipaddress to the configuration file

echo 'MEFaccept 127.0.0.2' >> /etc/httpd/conf.d/mod_extract_forwarded.conf

Now make sure everything is setup correct with apache

httpd -t

Once you get Syntax OK

httpd -k restart

or

service httpd restart

Now just check your apache logs, you should be seeing the correct ip in the logs.

tail -f /var/log/httpd/access.log