mod_rpaf with apache error_log

Posted by Camden S. on Server Fault See other posts from Server Fault or by Camden S.
Published on 2012-06-05T20:35:28Z Indexed on 2012/06/05 22:42 UTC
Read the original article Hit count: 323

Filed under:
|

I'm using mod-rpaf with Apache 2.4 and it's working properly (showing the real client IP's) in my Apache access_log... but not in my error_log. My error log just shows the client IP address of the proxy server (my load balancer in this case)

Here's an example of what I see in my error_log where 123.123.123.123 is the IP of my load balancer/proxy.

==> /usr/local/apache2/logs/error_log <== [Tue Jun 05 20:24:31.027525 2012] [access_compat:error] [pid 9145:tid 140485731845888] [client 123.123.123.123:20396] AH01797: client denied by server configuration: /wwwroot/private/secret.pdf

The exact same request produces the following in my access_log where 456.456.456.456 is a real client IP (not the IP of the load balancer).

456.456.456.456 - - [05/Jun/2012:20:24:31 +0000] "GET /wwwroot/private/secret.pdf HTTP/1.1" 403 228 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.7; rv:12.0) Gecko/20100101 Firefox/12.0"

Here's my httpd.conf entry:

# RPAF
LoadModule rpaf_module  modules/mod_rpaf-2.0.so
RPAFenable On
RPAFproxy_ips 127.0.0.1 123.123.123.123
RPAFsethostname On
RPAFheader X-Forwarded-For

What do I need to do to get the real IP addresses showing in my Apache error_log?

© Server Fault or respective owner

Related posts about apache2

Related posts about mod-rpaf