Skip to main content

Apache Logs showing 127.0.0.1 when behind Nginx AND Cloudflare

Comments

9 comments

  • cPRex Jurassic Moderator

    Hey there!  I don't have a great explanation for this one - if you have mod_remoteip installed and the "RemoteIPHeader CF-Connecting-IP" as outlined at https://support.cpanel.net/hc/en-us/articles/360051107513-Restoring-visitors-IP-with-mod-remoteip it should work.  We'll likely need to see a ticket on this one to do additional troubleshooting.

    0
  • Neil

    cPRex Ah, got it!

    It needed the below adding as it was an internal proxy.

    RemoteIPHeader X-Forwarded-For
    RemoteIPInternalProxy 127.0.0.1

    Not sure whether it was me or the article, but I read it that those lines were only needed when using an external proxy rather than apache/nginx on same machine. Maybe worth updating the article?

    0
  • cPRex Jurassic Moderator

    Yes, they would need to escalate the ticket to us if they aren't able to resolve the issue.

    0
  • Neil

    Unfortunately the "RemoteIPInternalProxy 127.0.0.1" hasn't worked. I'll raise via the datacenter to get a ticket logged.

    0
  • cPRex Jurassic Moderator

    I'm glad you were able to get this at least partially working!  Let me know if the datacenter has any additional ideas!

    0
  • Neil

    I have just checked through logs for April then back to Feb + March and can only see 127.0.0.1

    0
  • cPRex Jurassic Moderator

    At this point it would be best to submit a ticket to our team so we can take a look.

    0
  • Thiago Voltolini

    Hello

    Experiencing the same behavior here. Logs for domains passing through Cloudflare are showing 127.0.0.1 for every request. If I disable the Cloudflare proxy (or point the domain directly to the server IP on the hosts file) the correct IP is logged.

    Proxy on:

    127.0.0.1 - - [30/Apr/2024:10:58:02 -0300] "GET /info.php HTTP/1.1" 200 27110 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0"

    Proxy off:

    177.x.x.x - - [30/Apr/2024:11:06:04 -0300] "GET /info.php HTTP/1.1" 200 26946 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0"

    0
  • PT. Visiniaga

    hope this help:

    changing /etc/apache2/conf.modules.d/370_mod_remoteip.conf dont show work as expected:

    # Enable mod_remoteip
    LoadModule remoteip_module modules/mod_remoteip.so
    RemoteIPHeader CF-Connecting-IP
    #RemoteIPHeader X-Forwarded-For
    RemoteIPInternalProxy 127.0.0.1/32
    RemoteIPTrustedProxy 127.0.0.1/32
    RemoteIPTrustedProxy 173.245.48.0/20
    RemoteIPTrustedProxy 103.21.244.0/22
    RemoteIPTrustedProxy 103.22.200.0/22
    RemoteIPTrustedProxy 103.31.4.0/22
    RemoteIPTrustedProxy 141.101.64.0/18
    RemoteIPTrustedProxy 108.162.192.0/18
    RemoteIPTrustedProxy 190.93.240.0/20
    RemoteIPTrustedProxy 188.114.96.0/20
    RemoteIPTrustedProxy 197.234.240.0/22
    RemoteIPTrustedProxy 198.41.128.0/17
    RemoteIPTrustedProxy 162.158.0.0/15
    RemoteIPTrustedProxy 104.16.0.0/13
    RemoteIPTrustedProxy 104.24.0.0/14
    RemoteIPTrustedProxy 172.64.0.0/13
    RemoteIPTrustedProxy 131.0.72.0/22
    RemoteIPTrustedProxy 2400:cb00::/32
    RemoteIPTrustedProxy 2606:4700::/32
    RemoteIPTrustedProxy 2803:f800::/32
    RemoteIPTrustedProxy 2405:b500::/32
    RemoteIPTrustedProxy 2405:8100::/32
    RemoteIPTrustedProxy 2a06:98c0::/29
    RemoteIPTrustedProxy 2c0f:f248::/32

     

    this help me out, need to change config /etc/nginx/conf.d/includes-optional/cloudflare.conf:
    but I know change this file manual will get override once there any change in the cpanel, 

    but at least it showing real ip address now

    # Cloudflare IPs (https://api.cloudflare.com/client/v4/ips etag: 38f79d050aa027e3be3865e495dcc9bc)
    # Auto Generated
    #   by /etc/nginx/ea-nginx/config-scripts/global/config-scripts-global-cloudflare
    #   at Thu Aug 22 15:41:19 2024

    # IPv4:
    set_real_ip_from 173.245.48.0/20;
    set_real_ip_from 103.21.244.0/22;
    set_real_ip_from 103.22.200.0/22;
    set_real_ip_from 103.31.4.0/22;
    set_real_ip_from 141.101.64.0/18;
    set_real_ip_from 108.162.192.0/18;
    set_real_ip_from 190.93.240.0/20;
    set_real_ip_from 188.114.96.0/20;
    set_real_ip_from 197.234.240.0/22;
    set_real_ip_from 198.41.128.0/17;
    set_real_ip_from 162.158.0.0/15;
    set_real_ip_from 104.16.0.0/13;
    set_real_ip_from 104.24.0.0/14;
    set_real_ip_from 172.64.0.0/13;
    set_real_ip_from 131.0.72.0/22;
    set_real_ip_from 127.0.0.1/32;

    # IPv6:
    set_real_ip_from 2400:cb00::/32;
    set_real_ip_from 2606:4700::/32;
    set_real_ip_from 2803:f800::/32;
    set_real_ip_from 2405:b500::/32;
    set_real_ip_from 2405:8100::/32;
    set_real_ip_from 2a06:98c0::/29;
    set_real_ip_from 2c0f:f248::/32;

    real_ip_header CF-Connecting-IP;

     

    0

Please sign in to leave a comment.