[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[users@httpd] RemoteIPInternalProxy / RemoteIPTrustedProxy


I'm using the  RemoteIPHeader X-Forwarded-For within a VirtualHost configuration in order to determine GEO location of our users within our PHP application.

But I also would like to log the Remote IP of the clients within the apache logs.

The Apache combined log format looks like this:

LogFormat "%h (%{X-Forwarded-For}i) %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

According to documentation:

RemoteIPTrustedProxy Directive
The RemoteIPTrustedProxy directive adds one or more addresses (or address blocks) to trust as presenting a valid RemoteIPHeader value of the useragent IP. Unlike the RemoteIPInternalProxy directive, any intranet or private IP address reported by such proxies, including the 10/8, 172.16/12, 192.168/16, 169.254/16 and 127/8 blocks (or outside of the IPv6 public 2000::/3 block) are not trusted as the useragent IP, and are left in the RemoteIPHeader header's value.

In my case the directive looks like this:


Where I'm saying trust any PROXY forwarding from this local subnet.

BUT, when I set this Apache stops logging the remote IP because the forwarding proxy is valid now ?

So If I set:


The IP above doesn't exist. So the proxy servers from are invalid now and therefore apache starts logging the remote IP header again?

Please, try to give me some guidance here, as obviously I don't understand this.

Thanks a lot !