Since there’s no support for mod_rpaf in Apache2 2.4+ it’s recommended to use mod_remoteip instead if Apache2 is running behind a proxy like HAProxy.
mod_remoteip can be enabled using
a2enmod remoteip
It can be fine tuned in ./conf-available/remoteip.conf. You have to manually create the file if it doesn’t exist.
RemoteIPHeader X-Forwarded-For RemoteIPTrustedProxy 127.0.0.1
And don’t forget to
a2enconf remoteip service apache2 restart
While the remote IP address is injected into PHP just fine, Apache2 continues to log 127.0.0.1 as the remote IP address in access.log.
A modification is required in apache2.conf:
#LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%a %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
%h has to be replaced with %a. I’m not sure if this is a bug or not but Apache2 will log the real remote IP address from now on.
If you’re still seeing 127.0.0.1 then maybe your proxy doesn’t forward the remote IP address to Apache2. For HAProxy, use the forwardfor option:
option forwardfor
I am geting, when I am trying to run “a2enmod remoteip”
ERROR: Module remoteip does not exist!
I have created a folder conf-available in /etc/apache2/ and then added remoteip.conf. After this restarted the apache server
You need a2enconf remoteip
If it’s in conf-available it’s a2enconf
If it’s in mods-available it’s a2enmod
in sites-available it’s a2ensite
Hi,
Please refer this link as well http://techiescorner.in/index.php/2016/04/05/mod_remoteip-and-real-ip-login-in-access-log/