Personal tools

Navigation

You are here: Home / Debian GNU/Linux / Servers / Apache 2 / Get the real IP address of a visitor accessing to a Apache 2 server behind a reverse proxy

Get the real IP address of a visitor accessing to a Apache 2 server behind a reverse proxy

by Pierre-Yves Landuré — last modified Mar 02, 2018 08:35

Reverse proxy usage has many reasons: cache the served pages (Varnish), set up a load balancing (HAProxy) or serve the content of many servers on only one IP address. The reverse proxy provide the visitor real IP address in the X-Forwarded-For header. This howto provides a method to get the IP address from this header and use it as the client IP address instead of the reverse proxy IP address.

This howto is tested on:

Debian 6.0 Squeeze
Debian 7.0 Wheezy

Parameters

Provide the reverse proxies IP addresses as seen by the local host, separated by spaces:

REVERSE_PROXY_IPS="127.0.0.1"

Installation

Install the RPAF module:

command apt-get install libapache2-mod-rpaf

Enable the module:

command a2enmod rpaf

Configure the reverse proxies IP addresses:

command sed -i \
    -e "s/^[ \t]*RPAFproxy_ips.*$/& ${REVERSE_PROXY_IPS}/" \
  '/etc/apache2/mods-available/rpaf.conf'

Reload the configuration:

/etc/init.d/apache2 force-reload

Thanks

Thanks to reverse proxy add forward module for Apache (mod_rpaf) (en) developers.

Thanks to Be-Root.com (fr) for Protéger Apache de slowloris (fr).

Comments (0)

Recent posts: Install the certbot client (Let's Encrypt) acme.sh on Debian; Install Glances on Debian; Refresh thumbnails in Nautilus; Convert a music library from a format to another with mussync-tools; Protect a SSH access from disconnections; Install Clementine Music Player on Ubuntu; Backport a Debian package from testing to stable; Recent posts - More…

Related posts

Navigation

System
Servers
- Apache 2
- HTTP
- PHP
- MySQL
- Databases
- Syslog
- Various
Web applications

Follow Biapy !: Recent posts Recent bookmarks on Twitter on Facebook sur Google