OSDir


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[users@httpd] RemoteIPInternalProxy / RemoteIPTrustedProxy


Hi,

I'm using the  RemoteIPHeader X-Forwarded-For within a VirtualHost configuration in order to determine GEO location of our users within our PHP application.

But I also would like to log the Remote IP of the clients within the apache logs.

The Apache combined log format looks like this:

LogFormat "%h (%{X-Forwarded-For}i) %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

According to documentation:

RemoteIPTrustedProxy Directive
The RemoteIPTrustedProxy directive adds one or more addresses (or address blocks) to trust as presenting a valid RemoteIPHeader value of the useragent IP. Unlike the RemoteIPInternalProxy directive, any intranet or private IP address reported by such proxies, including the 10/8, 172.16/12, 192.168/16, 169.254/16 and 127/8 blocks (or outside of the IPv6 public 2000::/3 block) are not trusted as the useragent IP, and are left in the RemoteIPHeader header's value.

In my case the directive looks like this:

RemoteIPTrustedProxy 172.31.0.0/16

Where I'm saying trust any PROXY forwarding from this local subnet.

BUT, when I set this Apache stops logging the remote IP because the forwarding proxy is valid now ?

So If I set:

RemoteIPTrustedProxy 10.10.10.10 

The IP above doesn't exist. So the proxy servers from 172.31.0.0/16 are invalid now and therefore apache starts logging the remote IP header again?

Please, try to give me some guidance here, as obviously I don't understand this.

Thanks a lot !