Get the real IP address of a visitor accessing to a Apache 2 server behind a reverse proxy
Reverse proxy usage has many reasons: cache the served pages (Varnish), set up a load balancing (HAProxy) or serve the content of many servers on only one IP address. The reverse proxy provide the visitor real IP address in the X-Forwarded-For header. This howto provides a method to get the IP address from this header and use it as the client IP address instead of the reverse proxy IP address.
This howto is tested on:
- Debian 6.0 Squeeze
- Debian 7.0 Wheezy
Provide the reverse proxies IP addresses as seen by the local host, separated by spaces:
Install the RPAF module:
command apt-get install libapache2-mod-rpaf
Enable the module:
command a2enmod rpaf
Configure the reverse proxies IP addresses:
echo "# rpaf module configuration
# RPAF 0.6 only option (not on Debian 6.0 Squeeze)
# RPAFheader X-Forwarded-For
Reload the configuration:
- Thanks to reverse proxy add forward module for Apache (mod_rpaf) developers.