Apache and F5’s

Everyone who uses any type of reverse proxy runs into this issue.  The original user IP address is lost when the proxy is used.  F5 and most proxy vendors have implements an additional header that contains the original source ip for usage known as the X-Forwarded-For Header.   You have to train your apache logs to look at this or your logs show the wrong IP.   This does present a problem that if someone goes directly the webserver the logs don’t show their ip address.  I ran across this little trick to display the correct IP either way just place this in your apache configuration replacing other log configuration.

 

httpd.conf in LogFormat section

LogFormat “%{X-Forwarded-For}i %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”” proxy

SetEnvIf X-Forwarded-For “^.*\..*\..*\..*” forwarded

Then in your virtual host or host entry use the following

CustomLog “logs/ssl_access_log” combined env=!forwarded

CustomLog “logs/ssl_access_log” proxy env=forwarded

 

Enjoy!

 

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.