Skip to main content

How to restore visitors IP with mod_remoteip

cPanelAaronH
  • Updated

Question

You will sometimes have traffic come from a proxy source, such as Cloudflare or Nginx source, and the Apache logs will record the proxy source as the client IP address instead of the original visitor's IP address. Apache's mod_remoteip module allows you to restore the original visitor's IP address.

Answer

Cloudflare:

cPanel automatically creates the configuration file /etc/apache2/conf.d/includes/cloudflare.conf and adds Cloudflare support by including the CloudFlare headers CF-Connecting-IP.

Custom Proxies:

If you are using a Nginx or other proxy that uses a different header, follow these steps:

  1. Access the server's command line as the root user via SSH or Terminal in WHM.

  2. Disable the Cloudflare proxy configuration:

    #  touch /var/cpanel/no_apache_cloudflare
    /usr/local/cpanel/scripts/rebuildhttpdconf
    /usr/local/cpanel/scripts/restartsrv_httpd

  3. Open /etc/apache2/conf.d/includes/pre_virtualhost_global.conf in your preferred text editor, or navigate to Home / Service Configuration / Apache Configuration / Include Editor in WHM and select Pre VirtualHost Include / Global.

  4. Add the following line:

    CONFIG_TEXT: RemoteIPHeader X-Forwarded-For

  5. Add entries for the proxy IP addresses.

    For remote IP addresses, use RemoteIPTrustedProxy.

    CONFIG_TEXT: RemoteIPTrustedProxy 203.0.113.2

    For local IP addresses, use RemoteIPInternalProxy.

    CONFIG_TEXT: RemoteIPInternalProxy 192.0.2.2

    CPANEL_INFO: The IP address ranges may be added using CIDR notation.

  6. Save the changes and exit the text editor.
  7. Log in to WHM as the 'root' user.
  8. Navigate to Home / Service Configuration / Apache Configuration / Global Configuration.
  9. Scroll down to the LogFormat (combined) option.
  10. Select the textbox.

  11. Replace the default text with the following.

    CONFIG_TEXT: %a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"

  12. Select the textbox for the LogFormat (common) option.

  13. Replace the default text with the following.

    CONFIG_TEXT: %a %l %u %t \"%r\" %>s %b

  14. Scroll to the bottom of the page.
  15. Click the Save button.
  16. Click the Rebuild Configuration and Restart Apache button.

Additional resources

Apache Module mod_remoteip

Advanced Apache Configuration

Related articles

Comments

0 comments

Article is closed for comments.

%