Hi,
I'm using the RemoteIPHeader X-Forwarded-For within a VirtualHost
configuration in order to determine GEO location of our users within our PHP
application.
But I also would like to log the Remote IP of the clients within the apache
logs.
The Apache combined log format looks like this:
LogFormat "%h (%{X-Forwarded-For}i) %l %u %t \"%r\" %>s %b \"%{Referer}i\"
\"%{User-Agent}i\"" combined
According to documentation:
RemoteIPTrustedProxy Directive
The RemoteIPTrustedProxy directive adds one or more addresses (or address
blocks) to trust as presenting a valid RemoteIPHeader value of the useragent
IP. Unlike the RemoteIPInternalProxy directive, any intranet or private IP
address reported by such proxies, including the 10/8, 172.16/12, 192.168/16,
169.254/16 and 127/8 blocks (or outside of the IPv6 public 2000::/3 block) are
not trusted as the useragent IP, and are left in the RemoteIPHeader header's
value.
In my case the directive looks like this:
RemoteIPTrustedProxy 172.31.0.0/16
Where I'm saying trust any PROXY forwarding from this local subnet.
BUT, when I set this Apache stops logging the remote IP because the forwarding
proxy is valid now ?
So If I set:
RemoteIPTrustedProxy 10.10.10.10
The IP above doesn't exist. So the proxy servers from 172.31.0.0/16 are invalid
now and therefore apache starts logging the remote IP header again?
Please, try to give me some guidance here, as obviously I don't understand this.
Thanks a lot !
