Apache 不会记录 X-Forwarded-For

Apache 不会记录 X-Forwarded-For

我试图在 Apache 访问日志中记录存储在 X-Forwarded-For http 标头中的客户端 IP,但没有成功,并且已经花了好几个小时才弄明白。我尝试了很多不同的方法 - 似乎都没有用!

首先我尝试:

# Fields to record
LogFormat "(%{X-Forwarded-For}i) %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

# Log locations
CustomLog "/var/log/httpd/access.log" combined env=!dontlog

我也试过

# Fields to record
LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

# Log locations
CustomLog "/var/log/httpd/access.log" combined env=!dontlog

我也尝试过:

RemoteIPHeader X-Forwarded-For
RemoteIPTrustedProxy 192.168.1.10


# Fields to record
LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

# Log locations
CustomLog "/var/log/httpd/access.log" combined env=!dontlog

这是在 CentOS8 上

httpd -v
Server version: Apache/2.4.37 (centos)
Server built:   Sep 15 2020 15:41:16

远程 IP 模块已安装并且我假设已启用?

 httpd -M | grep remoteip
 remoteip_module (shared)

我知道 X-Forwarded-For 标头已被发送,因为我做了一个 tcpdump:

    User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:82.0) Gecko/20100101 Firefox/82.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8
    Accept-Language: en-CA,en-US;q=0.7,en;q=0.3
    Connection: keep-alive
    Cookie: _fbp=fb.1.1599523605116.597747458; __qca=P0-681804816-1599523605211; _ga=GA1.2.489007183.1600273387; _gid=GA1.2.315615129.1604091772; LB=1460283402.20480.0000; _dc_gtm_UA-34638206-1=1; _gat_UA-34638206-1=1
    Upgrade-Insecure-Requests: 1
    Pragma: no-cache
    Cache-Control: no-cache
    X-Forwarded-For: 69.165.232.76
    X-Forwarded-Proto: http

大小写/拼写与我在配置文件中输入的相同。那么为什么我总是获取负载均衡器 IP,而不是实际的客户端 IP?

我知道我正在编辑正确的文件,因为如果我将乱码放入其中而破坏文件,apache 将无法加载。

我已经束手无策了。求谁来帮帮我 :)

答案1

为了其他人的利益,以下是我们采取的有效措施:

 # Fields to record - use X-Forward-For instead of client IP so that we get the actual clients IP
 LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" mycustom

 # Log locations
 CustomLog "/var/log/httpd/access.log" mycustom env=!dontlog
 ErrorLog "/var/log/httpd/error.log"

上面的评论中提到的关键是:

  • 您不能使用组合,因为它要么被保留,要么在 apache 配置的其他地方使用

  • 您需要使用%{X-Forwarded-For}iNOT%a%h

相关内容