[prev in list] [next in list] [prev in thread] [next in thread] 

List:       nginx
Subject:    Re: Real client IP in the error logs when a server is behind a reverse proxy
From:       Mik J via nginx <nginx () nginx ! org>
Date:       2022-06-30 22:40:15
Message-ID: 1071071259.956822.1656628815061 () mail ! yahoo ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Thank you for your answers,
Matthew, I use Openbsd
Nanaya, I tried your solution and it worked. I had to readapt a bit my configuration \
(removed xforwardedLog) so that my access_log is formated without duplicate IPs. \
Regards  Le jeudi 30 juin 2022 à 17:17:01 UTC+2, nanaya <me@nanaya.pro> a écrit :  
 
 Hello,

You need to set the reverse proxy ip in the www server:

https://nginx.org/r/set_real_ip_from

Also note this will replace $remote_addr with the value from X-Real-IP header (the \
original value is in $realip_remote_addr).

On Thu, Jun 30, 2022, at 21:56, Mik J via nginx wrote:
> Hello,
> 
> My configuration on my www server (192.168.1.10) on the vhost looks like that
> server {
> ...
> access_log /var/log/nginx/mylogs.mydomain.org.access.log xforwardedLog;
> error_log /var/log/nginx/ mylogs.mydomain.org.error.log;
> 
> and in nginx.conf
> http {
> ...
> log_format   xforwardedLog   '$remote_addr forwarded for $http_x_real_ip 
> - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' 
> '"$http_referer" "$http_user_agent"';
> 
> On my www server 192.168.1.10 I can see the access logs
> 192.168.1.20 forwarded for 54.38.10x.x - - [30/Jun/2022:13:44:38 +0200] 
> "GET / HTTP/1.0" 200 7112 "http://app.mydomain.org" "Mozilla/1.22 
> (compatible; MSIE 5.01; PalmOS 3.0) EudoraWeb 2.1"
> And it works correctly for me because I can see the IP of the user on 
> the Internet
> 
> But on the error.log I don't see the IP of the user on the Internet
> 2022/06/28 16:12:27 [error] 45747#0: *11 access forbidden by rule, 
> client: 192.168.1.20, server: app.mydomain.org, request: "GET 
> /.git/config HTTP/1.0", host: " <MY PUBLIC IP>", referrer: 
> "http://app.mydomain.org"
> So here as you can see in the logs my client 192.168.1.20 is the 
> reverse proxy and not the client on the Internet
> 
> So in access logs
> http://nginx.org/en/docs/http/ngx_http_log_module.html
> I can get the IP of the Internet use
> 
> How can I get the IP of the Internet user when it generates an error log ?
> 
_______________________________________________
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-leave@nginx.org
  


[Attachment #5 (text/html)]

<html><head></head><body><div class="yahoo-style-wrap" style="font-family:Helvetica \
Neue, Helvetica, Arial, sans-serif;font-size:16px;"><div>Thank you for your \
answers,</div><div><br></div><div dir="ltr" data-setdir="false">Matthew, I use \
Openbsd</div><div dir="ltr" data-setdir="false"><br></div><div dir="ltr" \
data-setdir="false">Nanaya, I tried your solution and it worked. I had to readapt a \
bit my configuration (removed <span>xforwardedLog</span>) so that my access_log is \
formated without duplicate IPs.</div><div dir="ltr" \
data-setdir="false"><br></div><div dir="ltr" \
data-setdir="false">Regards<br></div><div id="yahoo_quoted_6853808587" \
                class="yahoo_quoted">
            <div style="font-family:'Helvetica Neue', Helvetica, Arial, \
sans-serif;font-size:13px;color:#26282a;">  
                <div>
                    Le jeudi 30 juin 2022 Ã  17:17:01 UTC+2, nanaya \
&lt;me@nanaya.pro&gt; a écrit :  </div>
                <div><br></div>
                <div><br></div>
                <div><div dir="ltr">Hello,<br clear="none"><br clear="none">You need \
to set the reverse proxy ip in the www server:<br clear="none"><br clear="none"><a \
shape="rect" href="https://nginx.org/r/set_real_ip_from" \
target="_blank">https://nginx.org/r/set_real_ip_from</a><br clear="none"><br \
clear="none">Also note this will replace $remote_addr with the value from X-Real-IP \
header (the original value is in $realip_remote_addr).<br clear="none"><div \
class="yqt5909362207" id="yqtfd32222"><br clear="none">On Thu, Jun 30, 2022, at \
21:56, Mik J via nginx wrote:<br clear="none">&gt; Hello,<br clear="none">&gt;<br \
clear="none">&gt; My configuration on my www server (192.168.1.10) on the vhost looks \
like that<br clear="none">&gt; server {<br clear="none">&gt; ...<br \
clear="none">&gt;&nbsp; &nbsp; &nbsp; &nbsp;  access_log \
/var/log/nginx/mylogs.mydomain.org.access.log xforwardedLog;<br \
clear="none">&gt;&nbsp; &nbsp; &nbsp; &nbsp;  error_log /var/log/nginx/ \
mylogs.mydomain.org.error.log;<br clear="none">&gt;<br clear="none">&gt; and in \
nginx.conf<br clear="none">&gt; http {<br clear="none">&gt; ...<br clear="none">&gt; \
log_format&nbsp; xforwardedLog&nbsp;  '$remote_addr forwarded for $http_x_real_ip <br \
clear="none">&gt; - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent \
' <br clear="none">&gt; '"$http_referer" "$http_user_agent"';<br clear="none">&gt;<br \
clear="none">&gt; On my www server 192.168.1.10 I can see the access logs<br \
clear="none">&gt; 192.168.1.20 forwarded for 54.38.10x.x - - [30/Jun/2022:13:44:38 \
+0200] <br clear="none">&gt; "GET / HTTP/1.0" 200 7112 "<a shape="rect" \
href="http://app.mydomain.org" target="_blank">http://app.mydomain.org</a>" \
"Mozilla/1.22 <br clear="none">&gt; (compatible; MSIE 5.01; PalmOS 3.0) EudoraWeb \
2.1"<br clear="none">&gt; And it works correctly for me because I can see the IP of \
the user on <br clear="none">&gt; the Internet<br clear="none">&gt;<br \
clear="none">&gt; But on the error.log I don't see the IP of the user on the \
Internet<br clear="none">&gt; 2022/06/28 16:12:27 [error] 45747#0: *11 access \
forbidden by rule, <br clear="none">&gt; client: 192.168.1.20, server: \
app.mydomain.org, request: "GET <br clear="none">&gt; /.git/config HTTP/1.0", host: " \
&lt;MY PUBLIC IP&gt;", referrer: <br clear="none">&gt; "<a shape="rect" \
href="http://app.mydomain.org" target="_blank">http://app.mydomain.org</a>"<br \
clear="none">&gt; So here as you can see in the logs my client 192.168.1.20 is the \
<br clear="none">&gt; reverse proxy and not the client on the Internet<br \
clear="none">&gt;<br clear="none">&gt; So in access logs<br clear="none">&gt; <a \
shape="rect" href="http://nginx.org/en/docs/http/ngx_http_log_module.html" \
target="_blank">http://nginx.org/en/docs/http/ngx_http_log_module.html</a><br \
clear="none">&gt; I can get the IP of the Internet use<br clear="none">&gt;<br \
clear="none">&gt; How can I get the IP of the Internet user when it generates an \
error log ?<br clear="none">&gt;<br \
clear="none">_______________________________________________<br clear="none">nginx \
mailing list -- <a shape="rect" ymailto="mailto:nginx@nginx.org" \
href="mailto:nginx@nginx.org">nginx@nginx.org</a><br clear="none">To unsubscribe send \
an email to <a shape="rect" ymailto="mailto:nginx-leave@nginx.org" \
href="mailto:nginx-leave@nginx.org">nginx-leave@nginx.org</a><br \
clear="none"></div></div></div>  </div>
        </div></div></body></html>



_______________________________________________
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-leave@nginx.org


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic