You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by Rajeev Prasad <rp...@yahoo.com> on 2012/09/25 01:48:44 UTC

[users@httpd] wrong IP address in apache logs

Hello,

I am using authentication from another site in intranet (redirect user), but i am expecting the user's PC IP in the apache logs. I am not seeing that, I sometimes see VPN IP (when I come over VPN) or IP of a server, which is entirely different hardware. has no connection to mine.

can anyone help understand and resolve this issue? None of the users coming to site show their PC IP address in log. I want to fix this ASAP.

server: ubuntu 10.10
apache: 2.2.16

I have following in my site config, in virtual host config:

    ErrorLog ${APACHE_LOG_DIR}/mywebsite.error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/mywebsite.access.log combined


ty.

[users@httpd] (resolved) Re: [users@httpd] wrong IP address in apache logs

Posted by Rajeev Prasad <rp...@yahoo.com>.
it was resolved using this help":   http://www.techstacks.com/howto/log-client-ip-and-xforwardedfor-ip-in-apache.html





________________________________
 From: John Karr <br...@brainbuz.org>
To: users@httpd.apache.org 
Sent: Monday, September 24, 2012 9:51 PM
Subject: RE: [users@httpd] wrong IP address in apache logs
 

You may want to look at: reverse proxy add forward module for Apache (mod_rpaf). It cleaned up a big headache for me. You define a list of your possible proxy sources and what your x-forwarded header is, and it just takes care of it. The developer’s site is http://stderr.net/apache/rpaf/
 
Although maintained outside the Apache Project it has been available in Ubuntu since at least Hardy. (package name: libapache2-mod-rpaf). Also since 10.10 is no longer supported, you’ll need to upgrade your system to install any packages. 
 
From:Rajeev Prasad [mailto:rp.neuli@yahoo.com] 
Sent: Monday, September 24, 2012 7:49 PM
To: apache list
Subject: [users@httpd] wrong IP address in apache logs
 
Hello,

I am using authentication from another site in intranet (redirect user), but i am expecting the user's PC IP in the apache logs. I am not seeing that, I sometimes see VPN IP (when I come over VPN) or IP of a server, which is entirely different hardware. has no connection to mine.

can anyone help understand and resolve this issue? None of the users coming to site show their PC IP address in log. I want to fix this ASAP.

server: ubuntu 10.10
apache: 2.2.16

I have following in my site config, in virtual host config:

    ErrorLog ${APACHE_LOG_DIR}/mywebsite.error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/mywebsite.access.log combined


ty.

RE: [users@httpd] wrong IP address in apache logs

Posted by Chris Faust <cf...@doyougot.com>.
Are you behind a load balancer/reverse proxy? It sounds like you just want to change your LogFormat in the httpd.com, something like

 

LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" reverseproxy

 

Then in your custom log

 

CustomLog /xxxx/access.log reverseproxy

 

From: Rajeev Prasad [mailto:rp.neuli@yahoo.com] 
Sent: Tuesday, September 25, 2012 12:07 AM
To: users@httpd.apache.org
Subject: Re: [users@httpd] wrong IP address in apache logs

 

thx. i looked up the environment variables coming in from browser, and i see this:

HTTP_VIA: 1.1 some_other_PROXY_FQDN:8080 (squid/2.7.STABLE7), 1.0 my_browser_PROXY_FQDN:8080 (squid/2.6.STABLE22)
HTTP_X_FORWARDED_FOR: <right_IP_of_accessing_PC>, <IP_of_proxy>
PATH: /usr/local/bin:/usr/bin:/bin
QUERY_STRING: 
REMOTE_ADDR: <wrong_IP_of_some_unrelated_server>
REMOTE_PORT: 15930


I would also mention that, another website running on same box, using mysql authentication, is registering correct IPs in the log.

Another thing to note is: yet another virtual website on the same box, using external authentication - was - also recording the right IP !!!

somehow it seems only this website is not recording the right IP.....

I read that link, but did not understand much.

 

my issue is how to get right IP in the server logs?

 

pl advice.

 

ty.

Rajeev

 

  _____  

From: John Karr <br...@brainbuz.org>
To: users@httpd.apache.org 
Sent: Monday, September 24, 2012 9:51 PM
Subject: RE: [users@httpd] wrong IP address in apache logs





You may want to look at: reverse proxy add forward module for Apache (mod_rpaf). It cleaned up a big headache for me. You define a list of your possible proxy sources and what your x-forwarded header is, and it just takes care of it. The developer’s site is http://stderr.net/apache/rpaf/

 

Although maintained outside the Apache Project it has been available in Ubuntu since at least Hardy. (package name: libapache2-mod-rpaf). Also since 10.10 is no longer supported, you’ll need to upgrade your system to install any packages. 

 

From: Rajeev Prasad [mailto:rp.neuli@yahoo.com] 
Sent: Monday, September 24, 2012 7:49 PM
To: apache list
Subject: [users@httpd] wrong IP address in apache logs

 

Hello,

I am using authentication from another site in intranet (redirect user), but i am expecting the user's PC IP in the apache logs. I am not seeing that, I sometimes see VPN IP (when I come over VPN) or IP of a server, which is entirely different hardware. has no connection to mine.

can anyone help understand and resolve this issue? None of the users coming to site show their PC IP address in log. I want to fix this ASAP.

server: ubuntu 10.10
apache: 2.2.16

I have following in my site config, in virtual host config:

    ErrorLog ${APACHE_LOG_DIR}/mywebsite.error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/mywebsite.access.log combined


ty.

Re: [users@httpd] wrong IP address in apache logs

Posted by Rajeev Prasad <rp...@yahoo.com>.
thx. i looked up the environment variables coming in from browser, and i see this:

HTTP_VIA: 1.1 some_other_PROXY_FQDN:8080 (squid/2.7.STABLE7), 1.0 my_browser_PROXY_FQDN:8080 (squid/2.6.STABLE22)
HTTP_X_FORWARDED_FOR: <right_IP_of_accessing_PC>, <IP_of_proxy>
PATH: /usr/local/bin:/usr/bin:/bin
QUERY_STRING: 
REMOTE_ADDR: <wrong_IP_of_some_unrelated_server>
REMOTE_PORT: 15930


I would also mention that, another website running on same box, using mysql authentication, is registering correct IPs in the log.

Another thing to note is: yet another virtual website on the same box, using external authentication - was - also recording the right IP !!!

somehow it seems only this website is not recording the right IP.....


I read that link, but did not understand much.

my issue is how to get right IP in the server logs?

pl advice.

ty.
Rajeev



________________________________
 From: John Karr <br...@brainbuz.org>
To: users@httpd.apache.org 
Sent: Monday, September 24, 2012 9:51 PM
Subject: RE: [users@httpd] wrong IP address in apache logs
 

You may want to look at: reverse proxy add forward module for Apache (mod_rpaf). It cleaned up a big headache for me. You define a list of your possible proxy sources and what your x-forwarded header is, and it just takes care of it. The developer’s site is http://stderr.net/apache/rpaf/
 
Although maintained outside the Apache Project it has been available in Ubuntu since at least Hardy. (package name: libapache2-mod-rpaf). Also since 10.10 is no longer supported, you’ll need to upgrade your system to install any packages. 
 
From:Rajeev Prasad [mailto:rp.neuli@yahoo.com] 
Sent: Monday, September 24, 2012 7:49 PM
To: apache list
Subject: [users@httpd] wrong IP address in apache logs
 
Hello,

I am using authentication from another site in intranet (redirect user), but i am expecting the user's PC IP in the apache logs. I am not seeing that, I sometimes see VPN IP (when I come over VPN) or IP of a server, which is entirely different hardware. has no connection to mine.

can anyone help understand and resolve this issue? None of the users coming to site show their PC IP address in log. I want to fix this ASAP.

server: ubuntu 10.10
apache: 2.2.16

I have following in my site config, in virtual host config:

    ErrorLog ${APACHE_LOG_DIR}/mywebsite.error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/mywebsite.access.log combined


ty.

RE: [users@httpd] wrong IP address in apache logs

Posted by John Karr <br...@brainbuz.org>.
You may want to look at: reverse proxy add forward module for Apache
(mod_rpaf). It cleaned up a big headache for me. You define a list of your
possible proxy sources and what your x-forwarded header is, and it just
takes care of it. The developer's site is http://stderr.net/apache/rpaf/

 

Although maintained outside the Apache Project it has been available in
Ubuntu since at least Hardy. (package name: libapache2-mod-rpaf). Also since
10.10 is no longer supported, you'll need to upgrade your system to install
any packages. 

 

From: Rajeev Prasad [mailto:rp.neuli@yahoo.com] 
Sent: Monday, September 24, 2012 7:49 PM
To: apache list
Subject: [users@httpd] wrong IP address in apache logs

 

Hello,

I am using authentication from another site in intranet (redirect user), but
i am expecting the user's PC IP in the apache logs. I am not seeing that, I
sometimes see VPN IP (when I come over VPN) or IP of a server, which is
entirely different hardware. has no connection to mine.

can anyone help understand and resolve this issue? None of the users coming
to site show their PC IP address in log. I want to fix this ASAP.

server: ubuntu 10.10
apache: 2.2.16

I have following in my site config, in virtual host config:

    ErrorLog ${APACHE_LOG_DIR}/mywebsite.error.log

    # Possible values include: debug, info, notice, warn, error, crit,
    # alert, emerg.
    LogLevel warn

    CustomLog ${APACHE_LOG_DIR}/mywebsite.access.log combined


ty.

Re: [users@httpd] wrong IP address in apache logs

Posted by Noel Butler <no...@ausics.net>.
On Mon, 2012-09-24 at 16:48 -0700, Rajeev Prasad wrote:
> Hello,
> 
> I am using authentication from another site in intranet (redirect
> user), but i am expecting the user's PC IP in the apache logs. I am
> not seeing that, I sometimes see VPN IP (when I come over VPN) or IP
> of a server, which is entirely different hardware. has no connection
> to mine.
> 
> can anyone help understand and resolve this issue? None of the users
> coming to site show their PC IP address in log. I want to fix this
> ASAP.
> 
> server: ubuntu 10.10
> apache: 2.2.16
> 
> I have following in my site config, in virtual host config:
> 
>     ErrorLog ${APACHE_LOG_DIR}/mywebsite.error.log
> 
>     # Possible values include: debug, info, notice, warn, error, crit,
>     # alert, emerg.
>     LogLevel warn
> 
>     CustomLog ${APACHE_LOG_DIR}/mywebsite.access.log combined
> 
> 
> ty.
> 
> 
> 


LogFormat "%h %{X-Forwarded-For}i %u %t \"%r\" %>s %b \"%{Referer}i\"
\"%{User-Agent}i\"" combined

That might do what you want