There is no built-in setting to log or not log forwarded headers. It's
not difficult to change, but it requires a little programming.
If you are comfortable with C, you can edit nslog/nslog.c and change the
behaviour with X-Forwarded-For (it's at nslog.c:272 in my copy). You
could disable the check and always log the real ip, log both the real
and forwarded header, or make it dependent on a config file setting.
If you write code that uses a config setting, it might be worth adding
to the standard codebase, as I doubt you're the first one to run across
this.
Alternately, you could do it in tcl code, by setting up a trace filter
(with ns_register_filter) that writes out a different log file with
exactly what you need.
-J
Hossein Sharifi wrote:
I've been meaning to write about this for a while: When I switched from
AOLserver 3.x to 4.0 a few years ago, I noticed that the IP address in
the log file no longer always matches what [ns_conn peeraddr] reports.
ns_conn seems to always report the actual IP address of the user,
whereas the log files will gladly accept whatever is in the
X-Forwarded-For header that the client sends, even if it's forged or
nonsensical. This makes it difficult to detect and track bot behavior
and other abuses. A significant portion of bot activity on my site is
logged as "127.0.0.1," "unknown," "10.0.0.50" or other similar false values.
Is there any way to make AOLserver log the real IP address and ignore
the X-Forwarded-For header?
-- AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to
<lists...@listserv.aol.com> with the body of "SIGNOFF AOLSERVER" in the
email message. You can leave the Subject: field of your email blank.
--
AOLserver - http://www.aolserver.com/
To Remove yourself from this list, simply send an email to
<lists...@listserv.aol.com> with the
body of "SIGNOFF AOLSERVER" in the email message. You can leave the Subject:
field of your email blank.
