User Tools

Site Tools


x-forwarded-for

Warning: Undefined variable $html in /usr/share/nginx/html/lib/plugins/tabinclude/helper.php on line 240

x-Forwarded-For

  • CentOS Apache
  • CentOS Nginx (+Varnish)

If you have a server behind a loadbalancer then your web servers access logs may not log the correct IP address, they may log localhost or the ipaddress of the load balancer. Some hosting companies such as Rackspace have their LoadBalancer add a specific header called X-Forwarded-For headers. You can make a few changes to your Apache or nginx config files and vhosts to resolve this issue. Your log files should then read correctly.

Note: If you have SSL termination on your server then the following guides will not work. A load balancer is not able to inject a FORWARDED_TO header into the request because it is not able to decrypt and re-encrypt the packets.

Log files

Before:

 127.0.0.1 - - [09/Jan/2015:11:18:11 +0000] "GET / HTTP/1.1" 200 35891
After:
 94.236.7.x - - [09/Jan/2015:11:21:14 +0000] "GET / HTTP/1.1" 200 35891

Apache

You will first need to edit /etc/httpd/conf/httpd.conf

Once you are in this file you need to locate the LogFormat section. The line you will need to look for and edit is:

LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" forwarded
and change to

LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" forwarded

Once you have done this you will need to edit the vhosts for each of your domains. You should change your logs from:

ErrorLog logs/website.co.uk-error_log
CustomLog logs/website.co.uk-access_log common
to

ErrorLog logs/website.co.uk-error_log
CustomLog logs/website.co.uk-access_log forwarded
Now your done! Restart or reload apache and the changes should take place.

You can perform the following command to view the websites log files live:

tail -f -n 5 /var/log/httpd/website-access.log

tail views the last entries in the log file, -f views the log files live, -n 5 views 5 log entries. You should now load the your website in your browser while this command is running to see the ip address appear.

x-forwarded-for.txt · Last modified: 2024/05/23 07:26 by 127.0.0.1

Except where otherwise noted, content on this wiki is licensed under the following license: Public Domain
Public Domain Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki