Install mod extact forward - Show Real IP behind Proxy

From Brian Nelson Ramblings
Revision as of 19:57, 29 January 2014 by Brian (Talk | contribs) (How to Show the Real IP when Behind a Proxy)

Jump to: navigation, search

How to Show the Real IP when Behind a Proxy

If you are using a load-balancing proxy such as squid, apache itself or caching such as Varnish, you will only find the proxy’s IP in your apache’s access/error logs. One way to fix this issue is to install mod_extract_forwarded which is in the EPEL repo.

Lets first install the EPEL repo. 

wget http://dl.fedoraproject.org/pub/epel/6/x86_64/epel-release-6-8.noarch.rpm
rpm -Uvh epel-release-6*.rpm

Now you can use yum to install mod_extract_forwarded. 

 yum install mod_extract_forwarded

Be sure to enter only the IP address of YOUR load-balancing proxy, no other proxies or even all proxies, otherwise you could find many fake IP addresses in your logs. I am using Varnish Cache with the internal ipaddress of 127.0.0.2.

Now you need to add the proxy ipaddress to the configuration file 

echo 'MEFaccept 127.0.0.2' >> /etc/httpd/conf.d/mod_extract_forwarded.conf

Now make sure everything is setup correct with apache 

httpd -t

Once you get Syntax OK 

httpd -k restart

or 

service httpd restart

Now just check your apache logs, you should be seeing the correct ip in the logs. 

tail -f /var/log/httpd/access.log
Retrieved from "https://briansnelson.com/index.php?title=Install_mod_extact_forward_-_Show_Real_IP_behind_Proxy&oldid=432"