On Sat, Apr 08, 2017 at 08:48:43PM +0200, Thuban wrote:
> Hello,
> I use relayd to deal with HTTP headers as suggested here [1].
> My problem is that in httpd logs, the origin IP is 127.0.0.1 and thats
> not very handy to track bruteforce attacks (in example).
>
> Do you have any advice to keep the visitor IP in logs ?
>
> [1] :
> https://github.com/reyk/httpd/wiki/Using-relayd-to-add-Cache-Control-headers-to-httpd-traffic
> --
> :thuban:
>
Hey,
It's commonly done by adding a X-Forwarded-For header with the origin IP.
>From the relayd.conf(5) man page:
http protocol "https" {
match header append "X-Forwarded-For" \
value "$REMOTE_ADDR"
match header append "X-Forwarded-By" \
value "$SERVER_ADDR:$SERVER_PORT"
... snip snip ...
}
I hope this helps you,
--
Kind regards,
Hiltjo
