Bug#425008: apache2: handle X-FORWARDED-FOR by default
Package: apache2
Version: 2.2.3-3.3
Severity: wishlist
When running apache2 from behind a proxy, the default log format
does not honor the X-Forwarded-For header. The attached patch modifies
the default format so that it is honored when present and has no effect
when not present.
--- a/etc/apache2/apache2.conf Thu May 03 23:57:15 2007 +0200
+++ b/etc/apache2/apache2.conf Thu May 03 23:59:07 2007 +0200
@@ -199,9 +199,12 @@ Include /etc/apache2/conf.d/
# a CustomLog directive (see below).
#
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
+LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined_forwarded
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
+
+SetEnvIfNoCase X-Forwarded-For "." from_proxy=1
#
# ServerTokens
--- a/etc/apache2/sites-available/default Thu May 03 23:57:15 2007 +0200
+++ b/etc/apache2/sites-available/default Thu May 03 23:59:07 2007 +0200
@@ -34,7 +34,8 @@ NameVirtualHost *
# alert, emerg.
LogLevel warn
- CustomLog /var/log/apache2/access.log combined
+ CustomLog /var/log/apache2/access.log combined env=!from_proxy
+ CustomLog /var/log/apache2/access.log combined_forwarded env=from_proxy
ServerSignature On
http://garden.dachary.org/universe.html#%5B%5BApache%20x-forwarded-for%20log%20when%20behind%20a%20proxy%5D%5D
-- System Information:
Debian Release: 4.0
APT prefers stable
APT policy: (500, 'stable'), (1, 'experimental')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-1-vserver-686
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Versions of packages apache2 depends on:
ii apache2-mpm-prefork 2.2.3-3.3 Traditional model for Apache HTTPD
apache2 recommends no packages.
-- no debconf information
Reply to: