Hi, William Can you give me more details: There is the %{Header-Name}i syntax of the custom log, so you could easily verify which header is actually in use. X-Forwarded-For is the usual 'public' method, I will use Apache as reverse proxy not forward proxy. So the IPs are from Internet user not internal private IP users. The remote internal IP is not suitable for me in my case. Thanks. Ryan -----Original Message----- From: William A. Rowe Jr. [mailto:wrowe@xxxxxxxxxxxxx] Sent: Monday, November 30, 2009 8:39 PM To: users@xxxxxxxxxxxxxxxx Subject: Re: Adding module to Apache-httpd Ruiyuan Jiang wrote: > I compiled remoteip module and loaded it without problem. > In one of my virtualhost of Apache reverse proxy, I added and tested: > > RemoteIPHeader X-Client-IP > Or > RemoteIPHeader X-Forwarded-For > > Or both > > I don't see the remote client IP is being forwarded to the backend server from Apache as it supposed to be. Does anyone know why or what I did wrong? Thanks. There is the %{Header-Name}i syntax of the custom log, so you could easily verify which header is actually in use. X-Forwarded-For is the usual 'public' method, but nobody promises you'll have such information assigned. The other example would entirely depend on your load balancer/router which picks up the requests and has redispatched them. Usually such devices will *not* share any info over the web, but replace that particular header unilaterally. Also note the module will only set the IP address as 'authentic' when the remote machine is trusted, see http://httpd.apache.org/docs/trunk/mod/mod_remoteip.html#remoteipinternalproxy and the commentary at the top of that page. [I'm thinking about a RemoteIPTrustedHeader directive that wouldn't deal with that scrutiny, but I'm a bit hesitant. You know your own IP's of your own infrastructure to trust such proxies, right?] --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx This message (including any attachments) is intended solely for the specific individual(s) or entity(ies) named above, and may contain legally privileged and confidential information. If you are not the intended recipient, please notify the sender immediately by replying to this message and then delete it. Any disclosure, copying, or distribution of this message, or the taking of any action based on it, by other than the intended recipient, is strictly prohibited. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx