httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Reindl Harald <h.rei...@thelounge.net>
Subject Re: mod_remoteip does NOT change access-log IP
Date Wed, 23 Jan 2013 17:16:56 GMT
hmpf - with "mod_rpaf" on httpd 2.4 the access-log-ip is correct
but the "REMOTE_ADDR" variable in PHP-scripts has the proxy-IP

means i can not upgrade production to 2.4 because "mod_remoteip"
will destory usages and "mod_rpaf" security because you have
inside php-scripts a LAN address from the proxy

"mod_rpaf" on httpd 2.2 replaces for sure ANY place like access-log,
error-log and REMOTE_ADDR in scripts with the "X-Forwarded-For"
from the trusted apache trafficserver

SERVER_ADDR 	10.0.0.99
SERVER_PORT 	8080
REMOTE_ADDR 	10.0.0.103

Am 23.01.2013 18:08, schrieb Reindl Harald:
> however: http://vova-zms.blogspot.co.at/2012/07/install-modrpaf-with-apache-24.html
> 
> patched "mod_rpaf" works with 2.4 but it would be really nice
> to have EXACTLY it's behavior in "mod_remoteip" because i see
> no way how i sell my customers chaning usages nor can i change
> the configuration of logging because a very mixed environement
> of vurtual hosts with or without trafficserver
> 
> Am 23.01.2013 17:06, schrieb Reindl Harald:
>> hi
>>
>> LoadModule            remoteip_module "modules/mod_remoteip.so"
>> RemoteIPHeader        X-Forwarded-For
>> RemoteIPInternalProxy 127.0.0.1 10.0.0.4 10.0.0.103 91.118.73.4
>> ________________________
>>
>> PHP - fine, exactly how it should do:
>> _SERVER["SERVER_ADDR"]	10.0.0.99
>> _SERVER["SERVER_PORT"]	8080
>> _SERVER["REMOTE_ADDR"]	10.0.0.99
>> ________________________
>>
>> BUT access-log contains the ip of the apache trafficserver
>> this is a major problem for replace mod_rafp with mod_remoteip
>> because webalizer-usages are more or less useless
>>
>> 10.0.0.103 - - [23/Jan/2013:17:01:53 +0100] "GET /images/page/tidy_16.gif HTTP/1.1"
304 -
>> "http://www.test.rh:8080/" "Mozilla/5.0 (X11; Linux x86_64; rv:18.0) Gecko/20100101
Firefox/18.0" (-%)


Mime
View raw message