On 10/2/2014 11:07 AM, Christopher Schultz wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Mike, Okay, using %a works when using mod_remoteip. AWS Linux uses %h by default for its httpd.conf definition of "combined" log format, so I've changed that and I'm getting the logging I desire. I'll try to replicate the behavior in httpd 2.2 without mod_remoteip we well. Thanks, - -chris
Hello Christopher, It looks like my replies got a little out of sync with yours. In Apache httpd 2.4 with mod_remoteip enabled and correctly configured, the %a field will contain the true original client IP address.Otherwise, the %a field will contain the IP address of the most immediate remote host.
For 2.2, the contents of the X-* headers is probably the only way to get the true client IP address. From I can tell, in your configuration there is only one proxy between the client and the destination server, so your X-Forwarded-For headers would probably only contain a single value. But one thing to keep in mind is that the X-Forwarded-For header could contain a list of IP addresses.
Take care, Mike Rumph --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|