Mike,
On 10/1/14 5:40 PM, Mike Rumph wrote:
What version of Apache httpd are you running?
Thanks for the reply. We are running 2.4 and 2.2 on various servers, but
I'm starting with this one:
Server version: Apache/2.4.10 (Amazon)
Server built: Jul 30 2014 23:57:28
This is the httpd package
Hello Christopher,
Since you are running 2.4.10, you have the latest mod_remoteip fixes.
But I think the problem is in the directives that you are using:
RemoteIPHeader X-Forwarded-For
#RemoteIPTrustedProxy 10.0.0.0/8
If you only use the RemoteIPHeader directive, then the default is
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mike,
On 10/2/14 12:04 PM, Mike Rumph wrote:
Since you are running 2.4.10, you have the latest mod_remoteip
fixes. But I think the problem is in the directives that you are
using:
RemoteIPHeader X-Forwarded-For #RemoteIPTrustedProxy
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mike,
On 10/2/14 12:37 PM, Christopher Schultz wrote:
With my above configuration, I got a line in my (your) access log
that looks like this:
10.32.219.77 71.178.180.80 10.32.219.77 xf=- - -
[02/Oct/2014:16:33:39 +] GET GET
Hello Christopher,
It just occurred to me that you might be referring to the first field
(%h) in your log records.
This is going to be the remote hostname.
So this is showing the IP address of your immediate proxy.
If you want to see the true original client IP address (as calculated by
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mike,
On 10/2/14 1:18 PM, Mike Rumph wrote:
It just occurred to me that you might be referring to the first
field (%h) in your log records.
Precisely.
This is going to be the remote hostname. So this is showing the IP
address of your
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mike,
On 10/2/14 1:18 PM, Mike Rumph wrote:
It just occurred to me that you might be referring to the first
field (%h) in your log records. This is going to be the remote
hostname. So this is showing the IP address of your immediate
proxy. If
On 10/2/2014 11:07 AM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mike,
Okay, using %a works when using mod_remoteip. AWS Linux uses %h by
default for its httpd.conf definition of combined log format, so
I've changed that and I'm getting the logging I desire.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mike,
On 10/2/14 2:27 PM, Mike Rumph wrote:
On 10/2/2014 11:07 AM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256
Mike,
Okay, using %a works when using mod_remoteip. AWS Linux uses %h
by default for its
All,
I'm trying to get httpd working behind an AWS ELB but still using the
remote client's information whenever possible.
ELB provides the X-Forwarded-For, X-Forwarded-Port, and
X-Forwarded-Proto HTTP headers. My configuration looks like this:
RemoteIPHeader X-Forwarded-For
Hello Christopher,
What version of Apache httpd are you running?
There have been some mod_remoteip fixes in recent 2.4.x releases.
You could also try setting up some LogFormat directives as in bug 55635
to get more information on this.
-
11 matches
Mail list logo
