If you setup Apache 2.4 With mod_remoteip, the apache extendedstatus always gives you the proxy IP, instead of client IP, actually this is due to that the mod_status set client IP very early when there is a TCP connection but no headers, Apache 2.4 allows per-request notion of overriding the client address, but not at this early stage. To overcome this issue, I would suggest you to use mod_reveseproxy apache module, the modules is completely based on mod_cloudflare and mod_remoteip.
To install, follow the instructions on:
wget https://raw.github.com/Prajithp/mod_reverseproxy/master/mod_reverseproxy.c apxs -i -c -n mod_reverseproxy.so mod_reverseproxy.c
ReverseProxyEnable (On|Off) - Enable reverse proxy ReverseProxyRemoteIPHeader X-Real-IP - The header to use for the real IP address. ReverseProxyRemoteIPTrusted 127.0.0.1 - What IPs to adjust requests for
LoadModule reverseproxy_module modules/mod_reverseproxy.so <IfModule reverseproxy_module> ReverseProxyEnable On ReverseProxyRemoteIPHeader X-Real-IP ReverseProxyRemoteIPTrusted 127.0.0.1 ReverseProxyRemoteIPTrusted 184.108.40.206 </IfModule>
- If mod_cloudflare or mod_remoteip are already loaded on the same web server, the web server will crash because both modules try to set the remote IP to a different value.
mod_reveseproxy: extract client IP from reverse proxy
One thought on “mod_reveseproxy: extract client IP from reverse proxy”