Answer the question
In order to leave comments, you need to log in
N
N
nordz0r2020-11-10 12:27:56
nordz0r, 2020-11-10 12:27:56
How to set up logs on the server behind Apache Reverse proxy?
Good afternoon. Tell me how to set up getting the correct IP on the server with apache behind a proxy?
On the server with apache reverse proxy, the logs come correct
From the local network:
10.0.25.25 - - [10/Nov/2020:12:21:50 +0300] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 304 267 "-" "Mozilla/ 5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36"
10.0.25.25 - - [10/Nov/2020:12:21:52 +0300] "POST /index.php/apps/text/session/sync HTTP/1.1" 200 1504 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/ 537.36"
10.0.25.25 - - [10/Nov/2020:12:21:58 +0300] "POST /index.php/apps/text/session/sync HTTP/1.1" 200 2032 "-" "Mozilla/5.0 ( Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36"
From the Internet (behind NAT):
188.170.XX.XXX - - [10/Nov/2020:12:22:04 +0300] "GET /index.php/login HTTP/1.1" 200 6436 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 14_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.1 Mobile/15E148 Safari/604.1"
10.0.25.25 - - [10/Nov/2020:12:22:04 +0300] "POST /index.php/apps/text/session/sync HTTP/1.1" 200 2032 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/ 537.36"
188.170.XX.XXX - - [10/Nov/2020:12:22:04 +0300] "GET /index.php/core/js/oc.js?v=cea31a8e HTTP/1.1" 200 10342 "- " "Mozilla/5.0 (iPhone; CPU iPhone OS 14_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.1 Mobile/15E148 Safari/604.1"
188.170.XX.XXX - - [10/Nov/2020:12:22:04 +0300] "GET /apps/theming/image/background HTTP/1.1" 404 10973 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 14_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.1 Mobile/15E148 Safari/604.1"
Here is what is in the log on the destination server (LogFormat "%a %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\ "" combined)
From the local network:
10.0.7.84 10.0.25.25 - - [10/Nov/2020:12:17:52 +0300] "GET /index.php/core/preview?fileId=1171&x=32&y=32 HTTP/1.1" 404 826 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36"
10.0.7.84 10.0.25.25 - - [10/Nov/2020:12:17: 52 +0300] "GET /index.php/core/preview?fileId=1329&x=32&y=32 HTTP/1.1" 404 826 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36"
From the Internet:
188.170.XX.XXX 10.0.7.84 - - [10/Nov/2020:12:18:01 +0300] "GET /index.php/core/js/oc.js?v=cea31a8e HTTP/1.1" 200 10301 " -" "Mozilla/5.0 (iPhone; CPU iPhone OS 14_2 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.1 Mobile/15E148 Safari/604.1"
188.170.XX.XXX 10.0.7.84 - - [10/Nov/2020:12:18:01 +0300] "GET /apps/theming/image/background HTTP/1.1" 404 9397 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 14_2 like Mac OS X ) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.1 Mobile/15E148 Safari/604.1"
Proxy setting:
<VirtualHost *:80>
ServerName nc-test.domain.ru
Redirect permanent / https://nc-test.domain.ru/
</VirtualHost>
<VirtualHost *:443>
ServerAdmin [email protected]
DocumentRoot /var/www/html
ServerName nc-test.domain.ru
ErrorLog ${APACHE_LOG_DIR}/nc-test.domain.ru.error.log
CustomLog ${APACHE_LOG_DIR}/nc-test.domain.ru.access.log combined
TransferLog ${APACHE_LOG_DIR}/nc-test.domain.ru.ssl.log
SSLEngine On
SSLProxyEngine On
ProxyRequests Off
ProxyPreserveHost On
ProxyVia full
ProxyHTMLInterp On
ProxyHTMLExtended On
<proxy *>
Order deny,allow
Allow from all
</proxy>
ProxyPass / https://10.0.7.136/
ProxyPassReverse / https://10.0.7.136/
SSLCertificateFile /etc/letsencrypt/live/nc-test.domain.ru/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/nc-test.domain.ru/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>Client setting:
<VirtualHost *:80>
ServerName nc-test.domain.ru
ServerAlias nc-test2.domain.ru
Redirect / https://nc-test.domain.ru/
</VirtualHost>
<VirtualHost *:443>
ServerAdmin [email protected]
ServerAlias nc-test2.domain.ru
DocumentRoot /var/www/nextcloud
ServerName nc-test.domain.ru
ErrorLog ${APACHE_LOG_DIR}/nc-test.domain.ru.error.log
CustomLog ${APACHE_LOG_DIR}/nc-test.domain.ru.access.log combined
TransferLog ${APACHE_LOG_DIR}/nc-test.domain.ru.ssl.log
SSLEngine On
SSLCertificateFile /etc/ssl/test/public.crt
SSLCertificateKeyFile /etc/ssl/test/private.rsa
Protocols h2 http/1.1
<Directory /var/www/nextcloud>
AllowOverride All
Order allow,deny
Allow from all
</Directory>
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000; includeSubDomains"
</IfModule>
<IfModule remoteip_module>
RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy 127.0.0.1 10.0.7.84
RemoteIPInternalProxy 127.0.0.1 10.0.7.84
</IfModule>
</VirtualHost>remoteip enabled
rpaf.conf enabled
<IfModule rpaf_module>
RPAFenable On
# When enabled, take the incoming X-Host header and
# update the virtualhost settings accordingly:
RPAFsethostname On
# Define which IP's are your frontend proxies that sends
# the correct X-Forwarded-For headers:
#RPAFproxy_ips 10.0.7.84 127.0.0.1 ::1
RPAFproxy_ips 127.0.0.1 ::1 10.0.7.84
# Change the header name to parse from the default
# X-Forwarded-For to something of your choice:
RPAFheader X-Real-IP
#RPAF_Header X-Forwarded-For
#RPAF_SetHTTPS On
</IfModule>
Similar questions
S
@
E
A
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question