Hello!
How can it be resolved that the user’s IP is displayed in the apache log and error log files? Currently, the server is operating from a natolt network (due to ddos protection behind vpn). and write the vpns address. example:
website.log: 192.168.80.1 - - [31/Jul/2022:01:16:14 +0200] “GET /19477/ HTTP/1.0” 404 121784
website_error.log:
[Sun Jul 31 00:41:35.548262 2022] [access_compat:error] [pid 2737475:tid 140163690780416] [client 192.168.80.1:51272] AH01797: client denied by server configuration:
eris
August 2, 2022, 5:56pm
3
Google set_real_ip_from nginx
It doesn’t work, in the domain log of apache2, it still says 192.168.80.1 and there are times when it writes cloudflare’s ip.
my system:
Hestia Control Panel:
v1.6.5 Operating System:
Debian 11.4 (x86_64)
my conf:
/home/example-1/conf/web/example.hu/nginx.conf
#=========================================================================#
#=========================================================================#
server {
include /home/example-1/conf/web/example.hu/nginx.forcessl.conf*;
location / {
proxy_pass http://192.168.80.1:8080;
set_real_ip_from 192.168.80.1;
location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|tif|tiff|css|js|htm|html|ttf|otf|webp|woff|txt|csv|rtf|doc|docx|xls|xlsx|ppt|pptx|odf|odp|ods|odt|pdf|psd|ai|eot|eps|ps|zip|tar|tgz|gz|rar|bz2|7z|aac|m4a|mp3|mp4|ogg|wav|wma|3gp|avi|flv|m4v|mkv|mov|mpeg|mpg|wmv|exe|iso|dmg|swf)$ {
root /home/example-1/web/example.hu/public_html;
access_log /var/log/apache2/domains/example.hu.log combined;
access_log /var/log/apache2/domains/example.hu.bytes bytes;
expires max;
try_files $uri @fallback;
}
}
location /error/ {
alias /home/example-1/web/example.hu/document_errors/;
}
location @fallback {
proxy_pass http://192.168.80.1:8080;
}
location ~ /\.(?!well-known\/|file) {
deny all;
return 404;
}
include /home/example-1/conf/web/example.hu/nginx.conf_*;
include "/etc/nginx/vhosts.d/cloudflare.conf";
}
cf:
/etc/nginx/vhosts.d/cloudflare.conf
real_ip_header CF-Connecting-IP;
/var/log/apache2/domains/example.hu.log
192.168.80.1 - - [02/Aug/2022:23:59:47 +0200] "GET
Nginx has already been restarted, it doesn’t help!
pluto
August 3, 2022, 4:33am
7
You’re looking at apache logs, so you probably want to delve into the apache config to solve this problem. From memory, look at the rpaf and remoteip modules, and then you might also need to alter the apache logging directive in apache.conf
1 Like
I’ve had so many problems that I have this:
my example public ip: 81.157.55.48
81.157.55.48 - - [03/Aug/2022:16:44:40 +0200] “GET /15173/ HTTP/1.0” 404 121830 “https://example.hu/15173/ ” “Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:52.0) Gecko/20100101 Firefox/52.0”
But only for this 1, it does not return the ip, but enters our public ip address, which is a big problem, because it floods the website and apache2 stops after a while.
I’ve noticed that it probably won’t return the ip address unless your request runs into a 404 error. If this helps as information.
system
September 5, 2022, 4:45pm
11
This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.
