You are here: Home / Debian GNU/Linux / Servers / Apache 2 / Get the real IP address of a visitor accessing to a Apache 2 server behind a reverse proxy

Get the real IP address of a visitor accessing to a Apache 2 server behind a reverse proxy

by Pierre-Yves Landuré last modified Apr 18, 2013 12:36 PM

Reverse proxy usage has many reasons: cache the served pages (Varnish), set up a load balancing (HAProxy) or serve the content of many servers on only one IP address. The reverse proxy provide the visitor real IP address in the X-Forwarded-For header. This howto provides a method to get the IP address from this header and use it as the client IP address instead of the reverse proxy IP address.

This howto is tested on:

  • Debian 6.0 Squeeze
  • Debian 7.0 Wheezy

Parameters

Provide the reverse proxies IP addresses as seen by the local host, separated by spaces:

REVERSE_PROXY_IPS="127.0.0.1"

Installation

Install the RPAF module:

command apt-get install libapache2-mod-rpaf

Enable the module:

command a2enmod rpaf

Configure the reverse proxies IP addresses:

echo "# rpaf module configuration
<IfModule mod_rpaf.c>
  RPAFproxy_ips ${REVERSE_PROXY_IPS}
  # RPAF 0.6 only option (not on Debian 6.0 Squeeze)
  # RPAFheader X-Forwarded-For
</IfModule>" \
  > '/etc/apache2/conf.d/rpaf'

Reload the configuration:

/etc/init.d/apache2 force-reload

Thanks

Add comment

You can add a comment by filling out the form below. Plain text formatting. Web and email addresses are transformed into clickable links. Comments are moderated.