Apache Logs showing 127.0.0.1 when behind Nginx AND Cloudflare
Within EA4 we have Apache setup behind Nginx as a proxy and everything is working as expected except for websites behind Cloudflare where the Apache access logs show the request IP as 127.0.0.1. For any websites not behind Cloudflare the logs correctly show the visitors remote IP address.
We have mod_remoteIP setup correct with the "RemoteIPHeader CF-Connecting-IP" + IP block in place.
PHP scripts correctly see "$_SERVER['REMOTE_ADDR'];" as the visitors IP address.
For our Apache logs we have switched over to us %a instead of %h.
Any ideas why this may not be working as expected, or how we can get Apache to log the correct IP when behind both Nginx AND Cloudflare?
-
Hey there! I don't have a great explanation for this one - if you have mod_remoteip installed and the "RemoteIPHeader CF-Connecting-IP" as outlined at https://support.cpanel.net/hc/en-us/articles/360051107513-Restoring-visitors-IP-with-mod-remoteip it should work. We'll likely need to see a ticket on this one to do additional troubleshooting.
0 -
cPRex Ah, got it!
It needed the below adding as it was an internal proxy.
RemoteIPHeader X-Forwarded-For
RemoteIPInternalProxy 127.0.0.1Not sure whether it was me or the article, but I read it that those lines were only needed when using an external proxy rather than apache/nginx on same machine. Maybe worth updating the article?
0 -
Yes, they would need to escalate the ticket to us if they aren't able to resolve the issue.
0 -
Unfortunately the "RemoteIPInternalProxy 127.0.0.1" hasn't worked. I'll raise via the datacenter to get a ticket logged.
0 -
I'm glad you were able to get this at least partially working! Let me know if the datacenter has any additional ideas!
0 -
I have just checked through logs for April then back to Feb + March and can only see 127.0.0.1
0 -
At this point it would be best to submit a ticket to our team so we can take a look.
0 -
Hello
Experiencing the same behavior here. Logs for domains passing through Cloudflare are showing 127.0.0.1 for every request. If I disable the Cloudflare proxy (or point the domain directly to the server IP on the hosts file) the correct IP is logged.
Proxy on:
127.0.0.1 - - [30/Apr/2024:10:58:02 -0300] "GET /info.php HTTP/1.1" 200 27110 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0"
Proxy off:
177.x.x.x - - [30/Apr/2024:11:06:04 -0300] "GET /info.php HTTP/1.1" 200 26946 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0"
0 -
hope this help:
changing /etc/apache2/conf.modules.d/370_mod_remoteip.conf dont show work as expected:
# Enable mod_remoteip
LoadModule remoteip_module modules/mod_remoteip.so
RemoteIPHeader CF-Connecting-IP
#RemoteIPHeader X-Forwarded-For
RemoteIPInternalProxy 127.0.0.1/32
RemoteIPTrustedProxy 127.0.0.1/32
RemoteIPTrustedProxy 173.245.48.0/20
RemoteIPTrustedProxy 103.21.244.0/22
RemoteIPTrustedProxy 103.22.200.0/22
RemoteIPTrustedProxy 103.31.4.0/22
RemoteIPTrustedProxy 141.101.64.0/18
RemoteIPTrustedProxy 108.162.192.0/18
RemoteIPTrustedProxy 190.93.240.0/20
RemoteIPTrustedProxy 188.114.96.0/20
RemoteIPTrustedProxy 197.234.240.0/22
RemoteIPTrustedProxy 198.41.128.0/17
RemoteIPTrustedProxy 162.158.0.0/15
RemoteIPTrustedProxy 104.16.0.0/13
RemoteIPTrustedProxy 104.24.0.0/14
RemoteIPTrustedProxy 172.64.0.0/13
RemoteIPTrustedProxy 131.0.72.0/22
RemoteIPTrustedProxy 2400:cb00::/32
RemoteIPTrustedProxy 2606:4700::/32
RemoteIPTrustedProxy 2803:f800::/32
RemoteIPTrustedProxy 2405:b500::/32
RemoteIPTrustedProxy 2405:8100::/32
RemoteIPTrustedProxy 2a06:98c0::/29
RemoteIPTrustedProxy 2c0f:f248::/32this help me out, need to change config /etc/nginx/conf.d/includes-optional/cloudflare.conf:
but I know change this file manual will get override once there any change in the cpanel,but at least it showing real ip address now
# Cloudflare IPs (https://api.cloudflare.com/client/v4/ips etag: 38f79d050aa027e3be3865e495dcc9bc)
# Auto Generated
# by /etc/nginx/ea-nginx/config-scripts/global/config-scripts-global-cloudflare
# at Thu Aug 22 15:41:19 2024# IPv4:
set_real_ip_from 173.245.48.0/20;
set_real_ip_from 103.21.244.0/22;
set_real_ip_from 103.22.200.0/22;
set_real_ip_from 103.31.4.0/22;
set_real_ip_from 141.101.64.0/18;
set_real_ip_from 108.162.192.0/18;
set_real_ip_from 190.93.240.0/20;
set_real_ip_from 188.114.96.0/20;
set_real_ip_from 197.234.240.0/22;
set_real_ip_from 198.41.128.0/17;
set_real_ip_from 162.158.0.0/15;
set_real_ip_from 104.16.0.0/13;
set_real_ip_from 104.24.0.0/14;
set_real_ip_from 172.64.0.0/13;
set_real_ip_from 131.0.72.0/22;
set_real_ip_from 127.0.0.1/32;# IPv6:
set_real_ip_from 2400:cb00::/32;
set_real_ip_from 2606:4700::/32;
set_real_ip_from 2803:f800::/32;
set_real_ip_from 2405:b500::/32;
set_real_ip_from 2405:8100::/32;
set_real_ip_from 2a06:98c0::/29;
set_real_ip_from 2c0f:f248::/32;real_ip_header CF-Connecting-IP;
0
Please sign in to leave a comment.
Comments
9 comments