How to log client IP address when using Load Balancer

Follow

When placing web servers behind a load balancer, the client IP address from browser is replaced with the IP address of load balancer. If you want to keep original IP addresses in web server access log, it is necessary to configure server to use X-Forwarded-For HTTP header.

 

Example 1 : apache server on Linux

You need to make following two changes in httpd.conf file.

LogFormat “%h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”" combined 
change to 
LogFormat “%h %{X-Forwarded-For}i %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User-Agent}i\”" combined 

LogFormat “%h %l %u %t \”%r\” %>s %b” common 
change to 
LogFormat “%h %{X-Forwarded-For}i %l %u %t \”%r\” %>s %b” common

 

Example 2 : IIS server on Windows

With IIS Advanced Logging function, you can set up logging to use X-Forwarded-Fro header field when determining origin's IP address.

 

In case of secure https communication, if SSL certificate is not installed on load balancer, it cannot decode messages nor add the necessary X-Forwarded-For field to the http headers.

We are able to install SSL certificate on a load balancer, so users who have created standard load balancer from Control Panel, please contact Customers Support about the matter. 
* When requesting installation, please send us IP address of the lad balancer, domain name, private key as well as the SSL certificate. 
* Setting up SSL certificate may take 1~2 business days.

0 out of 0 found this helpful

Comments

0 comments

Article is closed for comments.