Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
Received-SPF: pass (athena.apache.org: domain of yehuda@ymkatz.net designates
 209.85.219.53 as permitted sender)
MIME-Version: 1.0
In-Reply-To: <602090762.8202.1382702962915.JavaMail.root@electrichendrix.com>
References: <46338965.7430.1382664602348.JavaMail.root@electrichendrix.com>
	<605783640.7436.1382664755929.JavaMail.root@electrichendrix.com>
	<CAGBAQ47P09Sg0RS5_JNOBGx+3gb0todBEJ+CbpZvk3r6-7AyFw@mail.gmail.com>
	<602090762.8202.1382702962915.JavaMail.root@electrichendrix.com>
Date: Fri, 25 Oct 2013 09:16:10 -0400
Message-ID: 
 <CAGBAQ47nKom5+8Ok7LKsOFwaTHM-Fq9_fR=Pu5KGWVa-r7LHjQ@mail.gmail.com>
From: Yehuda Katz <yehuda@ymkatz.net>
To: "users@httpd.apache.org" <users@httpd.apache.org>
Content-Type: multipart/alternative; boundary=047d7b10c853d8927204e9908d45
Subject: Re: [users@httpd] X-Forwarded-For

--047d7b10c853d8927204e9908d45
Content-Type: text/plain; charset=ISO-8859-1

I thought each section has non-mod_cloudflare workarounds - I see only some
do.
The Apache documentation for mod_proxy has a suggestion for changing the
format of the log file (can paste a link from this device, but it should e
easy enough to find) to also include the header, but if you want to replace
the client IP, you will need some kind of module or code change (there are
others besides the cloudflare one).

- Y

On Friday, October 25, 2013, Chris Arnold wrote:

> >The X-Forwarded-For header is set by Apache automatically (
> http://httpd.apache.org/docs/2.2/mod/mod_proxy.html#x-headers). Your
> inside servers need to know to use it. >CloudFlare has some documentation
> about how to handle this on different servers:
> https://support.cloudflare.com/hc/en-us/sections/200038166-How-do-I-restore-original->visitor-IP-to-my-server-logs-<https://support.cloudflare.com/hc/en-us/sections/200038166-How-do-I-restore-original-visitor-IP-to-my-server-logs->
>
> Thanks Yehuda! Cloudflare wants you to install its mod. Is it possible to
> use what i already have to do this, which is apache?
>
>
>
> On Thu, Oct 24, 2013 at 9:32 PM, Chris Arnold <carnold@electrichendrix.com<javascript:_e({}, 'cvml', 'carnold@electrichendrix.com');>
> > wrote:
>
>> Apache 2.2 (i believe) on sles11. We have some servers behind our apache
>> (reverse) proxy. When connections come in to apache and apache proxies the
>> connections, the logs show the apache proxy ip. We need to see the
>> originating ip. I have seen on the internet that x-forwarded-for will do
>> this. Can anyone provide some config doc or guidance for x-forwarded-for?
>>
>>
>
>

-- 
Sent from a gizmo with a very small keyboard and hyper-active auto-correct.

--047d7b10c853d8927204e9908d45
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable

I thought each section has non-mod_cloudflare workarounds - I see only some=
 do.<div>The Apache documentation for mod_proxy has a suggestion for changi=
ng the format of the log file (can paste=A0a link from this device, but it =
should e easy enough to find) to also include the header, but if you want t=
o replace the client IP, you will need some kind of module or code change (=
there are others besides the cloudflare one).</div>
<div><br></div><div>- Y<br><br>On Friday, October 25, 2013, Chris Arnold  w=
rote:<br><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;borde=
r-left:1px #ccc solid;padding-left:1ex"><div><div style=3D"font-size:12pt;f=
ont-family:times new roman,new york,times,serif">
<div><span style=3D"font-size:12pt">&gt;</span><span style=3D"font-family:H=
elvetica,Arial,sans-serif;font-size:12pt">The X-Forwarded-For header is set=
 by Apache automatically (</span><a href=3D"http://httpd.apache.org/docs/2.=
2/mod/mod_proxy.html#x-headers" style=3D"font-family:Helvetica,Arial,sans-s=
erif;font-size:12pt" target=3D"_blank">http://httpd.apache.org/docs/2.2/mod=
/mod_proxy.html#x-headers</a><span style=3D"font-family:Helvetica,Arial,san=
s-serif;font-size:12pt">). Your inside servers need to know to use it. &gt;=
CloudFlare has some documentation about how to handle this on different ser=
vers:=A0</span><a href=3D"https://support.cloudflare.com/hc/en-us/sections/=
200038166-How-do-I-restore-original-visitor-IP-to-my-server-logs-" style=3D=
"font-family:Helvetica,Arial,sans-serif;font-size:12pt" target=3D"_blank">h=
ttps://support.cloudflare.com/hc/en-us/sections/200038166-How-do-I-restore-=
original-&gt;visitor-IP-to-my-server-logs-</a></div>
<div style=3D"font-size:12pt;font-style:normal;font-family:Helvetica,Arial,=
sans-serif;text-decoration:none;font-weight:normal"><div dir=3D"ltr"><br></=
div><div dir=3D"ltr">Thanks Yehuda! Cloudflare wants you to install its mod=
. Is it possible to use what i already have to do this, which is apache?</d=
iv>
<div dir=3D"ltr"><br></div><div class=3D"gmail_extra"><br><div><br></div><d=
iv class=3D"gmail_quote">On Thu, Oct 24, 2013 at 9:32 PM, Chris Arnold <spa=
n dir=3D"ltr">&lt;<a href=3D"javascript:_e({}, &#39;cvml&#39;, &#39;carnold=
@electrichendrix.com&#39;);" target=3D"_blank">carnold@electrichendrix.com<=
/a>&gt;</span> wrote:<br>


<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex">Apache 2.2 (i believe) on sles11. We have so=
me servers behind our apache (reverse) proxy. When connections come in to a=
pache and apache proxies the connections, the logs show the apache proxy ip=
. We need to see the originating ip. I have seen on the internet that x-for=
warded-for will do this. Can anyone provide some config doc or guidance for=
 x-forwarded-for?<br>

<br>
</blockquote></div><br></div>
</div><div><br></div></div></div></blockquote></div><br><br>-- <br>Sent fro=
m a gizmo with a very small keyboard and hyper-active auto-correct.<br>

--047d7b10c853d8927204e9908d45--