How to capture client IP addresses in Apache access logs using AWS Elastic Load Balancer
Posted on Wed 22 May 2019 in misc
A few weeks ago I was trying to setup the X-Forwarded-For header so that Apache would log the client's IP address instead of the address of the ELB. Amazon's tutorial here states that the only requirement is to set the LogFormat
line in the config file to include the X-Forwarded-For
format string, but afterwards Apache still logged the ELB's IP address.
To get it to work, I had to set the RemoteIPHeader
directive like so:
RemoteIPHeader X-Forwarded-For
The RemoteIPHeader
tells Apache that it should treat the header value as the client IP address. The ELB uses the X-Forwarded-For
header to pass the client's address to Apache.
Then you will need to set the LogFormat
directive to include the client IP using the %a
format string. Here's is how it looks in my config:
LogFormat '"%a %l %u %t "%r" %>s %b "%{Referer}i" "%{User-Agent}i"' combined
Now Apache logs the client IP:
108.177.122.101 - - [21/May/2019:13:18:58 +0000] "GET /index.html HTTP/1.1" 200 - "https://example.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.157 Safari/537.36