Difference between revisions of "Install mod extact forward - Show Real IP behind Proxy"
From Brian Nelson Ramblings
(→How to Show the Real IP when Behind a Proxy) |
(→Now just check your apache logs, you should be seeing the correct ip in the logs.) |
||
Line 33: | Line 33: | ||
tail -f /var/log/httpd/access.log | tail -f /var/log/httpd/access.log | ||
+ | |||
+ | ===Additional Reads=== | ||
+ | |||
+ | * [[How to setup an SSL Certificate for Free]] | ||
+ | * [[Enable Apache to Create Core Dumps]] | ||
+ | * [[Enable php-fpm to create core dumps]] | ||
+ | * [[Debug PHP Enabling slow_log]] |
Revision as of 20:00, 29 January 2014
Contents
How to Show the Real IP when Behind a Proxy
If you are using a load-balancing proxy such as squid, apache itself or caching such as Varnish, you will only find the proxy’s IP in your apache’s access/error logs. One way to fix this issue is to install mod_extract_forwarded which is in the EPEL repo.
Lets first install the EPEL Repo
wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm rpm -Uvh epel-release-6*.rpm
Install mod_extract_forwarded with YUM
yum install mod_extract_forwarded
Be sure to enter only the IP address of YOUR load-balancing proxy, no other proxies or even all proxies, otherwise you could find many fake IP addresses in your logs. I am using Varnish Cache with the internal ipaddress of 127.0.0.2.
Now you need to add the proxy ipaddress to the configuration file
echo 'MEFaccept 127.0.0.2' >> /etc/httpd/conf.d/mod_extract_forwarded.conf
Now make sure everything is setup correct with apache
httpd -t
Once you get Syntax OK
httpd -k restart
or
service httpd restart
Now just check your apache logs, you should be seeing the correct ip in the logs.
tail -f /var/log/httpd/access.log