Apache-2.4 has own module mod_remoteip
"This module is used to treat the useragent which initiated the request as the originating useragent as identified by httpd for the purposes of authorization and logging, even where that useragent is behind a load balancer, front end server, or proxy server."
you may use it with nginx such:
....
RemoteIPHeader X-Forwarded-For
....
but I found 2 issues for me:
1. I must change LogFormat ( replace %h with %a) to show original IP in logs
2. /server-status/ page show nginx ip address instead original
So, i deside to use mod_rpaf. Defaut veriosn does not compile with aapche-2.4.
To solve the issue:
replace “remote_” with “client_” in “mod_rpaf-2.0.c”
make it:
apxs -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c
or install
apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c
and use it with apache
RPAFenable On
RPAFproxy_ips 127.0.0.1
RPAFsethostname On
RPAFheader X-Forwarded-For
4 comments:
Did what you said but it doesn't work:
sed -i 's/remote_/client_/g' mod_rpaf-2.0.c
apxs -i -c -n mod_rpaf-2.0.so mod_rpaf-2.0.c
/usr/local/apache/build/libtool --silent --mode=compile gcc -std=gnu99 -prefer-pic -m64 -fPIC -DPIC -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -pthread -I/usr/local/apache/include -I/usr/local/apache/include -I/usr/local/apache/include -c -o mod_rpaf-2.0.lo mod_rpaf-2.0.c && touch mod_rpaf-2.0.slo
mod_rpaf-2.0.c: In function 'rpaf_cleanup':
mod_rpaf-2.0.c:150: error: 'conn_rec' has no member named 'remote_ip'
mod_rpaf-2.0.c:151: error: 'conn_rec' has no member named 'remote_addr'
mod_rpaf-2.0.c:151: warning: implicit declaration of function 'inet_addr'
mod_rpaf-2.0.c:151: error: 'conn_rec' has no member named 'remote_ip'
mod_rpaf-2.0.c: In function 'change_remote_ip':
mod_rpaf-2.0.c:164: error: 'conn_rec' has no member named 'remote_ip'
mod_rpaf-2.0.c:183: error: 'conn_rec' has no member named 'remote_ip'
mod_rpaf-2.0.c:186: error: 'conn_rec' has no member named 'remote_ip'
mod_rpaf-2.0.c:187: error: 'conn_rec' has no member named 'remote_addr'
mod_rpaf-2.0.c:187: error: 'conn_rec' has no member named 'remote_ip'
apxs:Error: Command failed with rc=65536
It worked. I did the following, though...
cp mod_rpaf-2.0.c mod_rpaf-2.4.c
sed -i 's/remote_/client_/g' mod_rpaf-2.4.c
apxs -c -n mod_rpaf-2.4.so mod_rpaf-2.4.c
apxs -i -c -n mod_rpaf-2.4.so mod_rpaf-2.4.c
Then loaded it with...
LoadModule rpaf_module /path/to/mod_rpaf-2.4.so
RPAFenable On
RPAFsethostname On
RPAFproxy_ips 127.0.0.1
# RPAFheader X-Real-IP
RPAFheader X-Forwarded-For
Thanks for the solution!
What mod_rpaf version did you use because the latest i could find is 0.6 and it doesn't seem to contain mod_rpaf-2.4.c
Regards.
rpaf work fine, but with apache 2.4.6 - 2.4.7
if you try enable mod_rpaf on apache 2.4.10 apache status still ok, but if you see on phpinfo(), you have wrong IP in
_SERVER["REMOTE_ADDR"]
:(
Post a Comment