perl-modperl mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Jeff Nokes <>
Subject Re: reverse proxy/logging problem
Date Thu, 02 Aug 2007 19:19:00 GMT
I had a similar issue, especially since we have nodes split behind F5 and Netscaler, which
both operate differently with respect to header preservation, modification.

Our solution was to write our own module and register it as the handler of
that apache phase, and attempt to derive the "real" client IP (parsing CLIENT_IP || X-Forwarded-For,
etc.) and set that in a new header called "X-Derived-Client-IP", which the load balancers
ignore.  Also, we have a GUID cookie we use to identify unique clients, and we parse the cookies
at that phase as set a "X-Derived-Client-ID" header.  Then, at the normal LogHandler apache
phase, we use the %{Header}i in our LogFormat configuration to get it in the access logs.
 We are running on the Apache 1.3* stack.

Hope this helps,
- Jeff

----- Original Message ----
From: Carl Johnstone <>
Sent: Thursday, August 2, 2007 8:07:53 AM
Subject: reverse proxy/logging problem


I've got a two-apache reverse proxy setup, split over two hosts.

The problem I've got is that I'd like to put the user_id in the access logs 
so that our log analysis software can make use of it.

Setting apache->user correctly logs the user at the back-end however the IP 
addresses are wrong, being the internal address of the front-end proxy. Also 
requests dealt with purely at the front-end aren't logged.

Logging at the front-end means all requests are logged with the right IP 
address. Additional bonuses for me are that those servers are less loaded, 
and I'd be able to turn off logging at the back-end. However the user_id 
isn't available.

Is there any easy way to pass the user_id from the back-end in such a way 
the front-end could log it? Or is there another option?


View raw message