Skip to main content

Apache Logs showing 127.0.0.1 when behind Nginx AND Cloudflare

Comments

8 comments

  • cPRex Jurassic Moderator

    Hey there!  I don't have a great explanation for this one - if you have mod_remoteip installed and the "RemoteIPHeader CF-Connecting-IP" as outlined at https://support.cpanel.net/hc/en-us/articles/360051107513-Restoring-visitors-IP-with-mod-remoteip it should work.  We'll likely need to see a ticket on this one to do additional troubleshooting.

    0
  • Neil

    cPRex Ah, got it!

    It needed the below adding as it was an internal proxy.

    RemoteIPHeader X-Forwarded-For
    RemoteIPInternalProxy 127.0.0.1

    Not sure whether it was me or the article, but I read it that those lines were only needed when using an external proxy rather than apache/nginx on same machine. Maybe worth updating the article?

    0
  • cPRex Jurassic Moderator

    Yes, they would need to escalate the ticket to us if they aren't able to resolve the issue.

    0
  • Neil

    Unfortunately the "RemoteIPInternalProxy 127.0.0.1" hasn't worked. I'll raise via the datacenter to get a ticket logged.

    0
  • cPRex Jurassic Moderator

    I'm glad you were able to get this at least partially working!  Let me know if the datacenter has any additional ideas!

    0
  • Neil

    I have just checked through logs for April then back to Feb + March and can only see 127.0.0.1

    0
  • cPRex Jurassic Moderator

    At this point it would be best to submit a ticket to our team so we can take a look.

    0
  • Thiago Voltolini

    Hello

    Experiencing the same behavior here. Logs for domains passing through Cloudflare are showing 127.0.0.1 for every request. If I disable the Cloudflare proxy (or point the domain directly to the server IP on the hosts file) the correct IP is logged.

    Proxy on:

    127.0.0.1 - - [30/Apr/2024:10:58:02 -0300] "GET /info.php HTTP/1.1" 200 27110 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0"

    Proxy off:

    177.x.x.x - - [30/Apr/2024:11:06:04 -0300] "GET /info.php HTTP/1.1" 200 26946 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0"

    0

Please sign in to leave a comment.