I love Apache. I love nginx. I love them when they’re alone, and I love them when they’re together. But when they’re together, sometimes they don’t play nice.
When behind a proxy, Apache will use the proxy’s IP address in logs and everywhere else. Unless your application knows to look for X-Forwarded-For, every single one of your visitors will have your proxy’s IP. Helpful, huh?
Thankfully, there’s a module that’ll help you get around this, called mod_rpaf (reverse proxy add forward).
The Github page has some info on how to install it, but I couldn’t get that to work on Ubuntu 12.04. Here’s what worked instead:
|
1 2 3 4 5 6 |
apt-get install build-essential apache2-threaded-dev libtool git-core git clone https://github.com/gnif/mod_rpaf.git cd mod_rpaf/ make make install libtool --finish /usr/lib/apache2/modules |
|
1 |
LoadModule rpaf_module /usr/lib/apache2/modules/mod_rpaf.so |
|
1 2 3 |
RPAF_Enable On RPAF_ProxyIPs 192.168.0.0/16 RPAF_Header X-Forwarded-For |
|
1 2 3 |
a2enmod rpaf apache2ctl configtest apache2ctl graceful |
You should start seeing some real IPs now!
Leave a Reply