Introduction
You will sometimes have traffic come from a proxy source, such as Cloudflare or Nginx source, and the Apache logs will record the proxy source as the client IP address instead of the original visitor's IP address. Apache's mod_remoteip module allows you to restore the original visitor's IP address.
Procedure
For Cloudflare:
Cloudflare support is added to cPanel by default to use the CF-Connecting-IP header.
For Custom Proxies:
If you are using a Nginx or other proxy that uses a different header, follow these steps:
- Access the server's command line as the 'root' user via SSH or "Terminal" in WHM.
- Disable the Cloudflare proxy configuration:
touch /var/cpanel/no_apache_cloudflare /usr/local/cpanel/scripts/rebuildhttpdconf /usr/local/cpanel/scripts/restartsrv_httpd
- Open
/etc/apache2/conf.d/includes/pre_virtualhost_global.confin your preferred text editor, or navigate to "Home / Service Configuration / Apache Configuration / Include Editor" in WHM and select Pre VirtualHost Include > Global. - Add the following line:
RemoteIPHeader X-Forwarded-For
-
Add entries for the proxy IP addresses.
- For remote IP addresses, use
RemoteIPTrustedProxy.RemoteIPTrustedProxy 203.0.113.2
- For local IP addresses, use
RemoteIPInternalProxy.RemoteIPInternalProxy 192.0.2.2
Please note that IP address ranges may be added using CIDR notation.
- For remote IP addresses, use
- Save the changes and exit the text editor.
- Log into WHM as the 'root' user.
- Navigate to "Home / Service Configuration / Apache Configuration / Global Configuration."
- Scroll down to the "LogFormat (combined)" option.
- Select the textbox.
- Replace the default text with the following.
%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" - Select the textbox for the "LogFormat (common)" option.
- Replace the default text with the following.
%a %l %u %t \"%r\" %>s %b
- Scroll to the bottom of the page.
- Click the "Save" button.
- Click the "Rebuild Configuration and Restart Apache" button.
Comments
0 comments
Article is closed for comments.