If you setup Apache 2.4 With mod_remoteip, the apache extendedstatus always gives you the proxy IP, instead of client IP, actually this is due to that the mod_status set client IP very early when there is a TCP connection but no headers, Apache 2.4 allows per-request notion of overriding the client address, but not at this early stage. To overcome this issue, I would suggest you to use mod_reveseproxy apache module, the modules is completely based on mod_cloudflare and mod_remoteip.
To install, follow the instructions on:
wget https://raw.github.com/Prajithp/mod_reverseproxy/master/mod_reverseproxy.c
apxs -i -c -n mod_reverseproxy.so mod_reverseproxy.c
Configuration Directives
ReverseProxyEnable (On|Off) - Enable reverse proxy
ReverseProxyRemoteIPHeader X-Real-IP - The header to use for the real IP
address.
ReverseProxyRemoteIPTrusted 127.0.0.1 - What IPs to adjust requests for
Example Configuration
LoadModule reverseproxy_module modules/mod_reverseproxy.so
<IfModule reverseproxy_module>
ReverseProxyEnable On
ReverseProxyRemoteIPHeader X-Real-IP
ReverseProxyRemoteIPTrusted 127.0.0.1
ReverseProxyRemoteIPTrusted 46.105.160.192
</IfModule>
NOTES:
- If mod_cloudflare or mod_remoteip are already loaded on the same web server, the web server will crash because both modules try to set the remote IP to a different value.
https://github.com/Prajithp/mod_reverseproxy
The post mod_reveseproxy: extract client IP from reverse proxy appeared first on Linux - e-diary.