mod_reveseproxy: extract client IP from reverse proxy

If you setup Apache 2.4 With mod_remoteip, the apache extendedstatus always gives you the proxy IP, instead of client IP, actually this is due to that the mod_status  set client IP very early when there is a TCP connection but no headers, Apache 2.4 allows per-request notion of overriding the client address, but not at this early stage. To overcome this issue, I would suggest you to use mod_reveseproxy apache module, the modules is completely based on mod_cloudflare and mod_remoteip.

To install, follow the instructions on:

 

   wget https://raw.github.com/Prajithp/mod_reverseproxy/master/mod_reverseproxy.c
   apxs -i -c -n mod_reverseproxy.so mod_reverseproxy.c  

Configuration Directives

ReverseProxyEnable           (On|Off)          - Enable reverse proxy

ReverseProxyRemoteIPHeader   X-Real-IP         - The header to use for the real IP
                                                 address.
ReverseProxyRemoteIPTrusted  127.0.0.1         -  What IPs to adjust requests for

Example Configuration

LoadModule reverseproxy_module modules/mod_reverseproxy.so

<IfModule reverseproxy_module>
  ReverseProxyEnable  On
  ReverseProxyRemoteIPHeader X-Real-IP
  ReverseProxyRemoteIPTrusted 127.0.0.1
  ReverseProxyRemoteIPTrusted 46.105.160.192
</IfModule>

NOTES:

  • If mod_cloudflare or mod_remoteip are already loaded on the same web server, the web server will crash because both modules try to set the remote IP to a different value.

https://github.com/Prajithp/mod_reverseproxy

mod_reveseproxy: extract client IP from reverse proxy

One thought on “mod_reveseproxy: extract client IP from reverse proxy

Leave a Reply

Your email address will not be published. Required fields are marked *

Fork me on GitHub