You are here: Home / Debian GNU/Linux / Servers / Apache 2 / Get the real IP address of a visitor accessing to a Apache 2 server behind a reverse proxy

Get the real IP address of a visitor accessing to a Apache 2 server behind a reverse proxy

by Pierre-Yves Landuré last modified Mar 02, 2018 08:35

Reverse proxy usage has many reasons: cache the served pages (Varnish), set up a load balancing (HAProxy) or serve the content of many servers on only one IP address. The reverse proxy provide the visitor real IP address in the X-Forwarded-For header. This howto provides a method to get the IP address from this header and use it as the client IP address instead of the reverse proxy IP address.

This howto is tested on:

  • Debian 6.0 Squeeze
  • Debian 7.0 Wheezy

Parameters

Provide the reverse proxies IP addresses as seen by the local host, separated by spaces:

REVERSE_PROXY_IPS="127.0.0.1"

Installation

Install the RPAF module:

command apt-get install libapache2-mod-rpaf

Enable the module:

command a2enmod rpaf

Configure the reverse proxies IP addresses:

command sed -i \
    -e "s/^[ \t]*RPAFproxy_ips.*$/& ${REVERSE_PROXY_IPS}/" \
  '/etc/apache2/mods-available/rpaf.conf'

Reload the configuration:

/etc/init.d/apache2 force-reload

Thanks