Setup as follows: - proxy server (RHEL8 apache 2.4) in DMZ - contains multiple vhosts - each vhost acts as a reverse proxy to a web server in the LAN - connections from the proxy to the backend web server are secured via SSL - backend server (RHEL8 apache 2.4) in LAN Problem to solve: Currently the apache access log of the backend server shows the IP of the proxy instead of the originating client IP. I want to ensure the client IP (who is connecting to the proxy) to be logged in the access log of the backend apache server. Numerous howto's on the web (e.g. https://www.globo.tech/learning-center/x-forwarded-for-ip-apache-web-server/) propose to use RemoteIPHeader X-Forwarded-For. However it seems that this only works when the proxy connection to the backend uses HTTP. (https://www.linode.com/community/questions/6351/ideas-to-get-x-forwarded-for-working-for-httpsnode-balancer and the "Effectiveness" comment on https://httpd.apache.org/docs/2.4/en/mod/mod_proxy.html#proxyaddheaders.) The proxy server has both the public and private keys of the SSL certifcate. How can I configure the proxy server to add the X-Forwarded-for header while keeping the SSL connection to the backend? Thanks in advance Bram --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|