apache 日志中记录代理IP以及真实客户端IP

本文详细介绍了如何通过修改Apache的日志格式来正确记录客户端的真实IP地址,尤其是在使用Nginx作为反向代理的情况下。通过对比修改前后的配置文件及日志输出结果,展示了具体的实现步骤。

说明:我用的是nginx反向代理,实际上就是在logformat中添加%{X-FORWARDED-FOR}i,下面为实验过程

一、下面是我的nginx反向代理的配置文件内容

nginx主配置主配置文件

[root@nginx-server conf]# cat nginx.conf
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    upstream lb_server {
      server 192.168.17.10;
      server 192.168.17.11;
    }
    include extra/lbserver.conf;
}

lbserver配置文件

[root@nginx-server conf]# cat extra/lbserver.conf 
server {
    location / {
        proxy_pass http://lb_server;
        proxy_set_header Host      $host;
        proxy_set_header X-Forwarded-For $remote_addr;
    }
}
二、修改前

没有修改访问日志格式前的apache配置文件

<IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    <IfModule logio_module>
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>
    CustomLog "logs/access_log" common
</IfModule>

发现不能记录访问者的ip

[root@lamp-server ~]# tail -f /application/apache/logs/www-access_log 
192.168.17.13 - - [04/Dec/2016:13:40:29 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:40:31 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:40:34 +0800] "GET / HTTP/1.0" 200 35
  2.168.17.13 - - [04/Dec/2016:13:40:36 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:40:38 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:56:23 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:56:25 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:56:27 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:56:29 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:56:31 +0800] "GET / HTTP/1.0" 200 35
三、修改后

修改过访问日志格式后的apache配置文件

<IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b %{X-FORWARDED-FOR}i" common
    <IfModule logio_module>
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>
    CustomLog "logs/access_log" common
</IfModule>

修改后再次访问测试

[root@lamp-server ~]# > /application/apache/logs/www-access_log        
[root@lamp-server ~]# tail -f /application/apache/logs/www-access_log 
192.168.17.13 - - [04/Dec/2016:14:04:49 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:04:51 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:04:53 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:04:55 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:04:57 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:04:59 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:05:01 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:05:03 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:05:05 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
附录:我在客户机上的测试脚本
[root@myblog ~]# for n in `seq 20`;do curl www.amsilence.com;sleep 1;done;

注意:如果你在虚拟主机上面引用什么日志格式,就需要修改对应日志格式上的参数,不能改到别的日志格式上面

评论
添加红包

请填写红包祝福语或标题

红包个数最小为10个

红包金额最低5元

当前余额3.43前往充值 >
需支付:10.00
成就一亿技术人!
领取后你会自动成为博主和红包主的粉丝 规则
hope_wisdom
发出的红包
实付
使用余额支付
点击重新获取
扫码支付
钱包余额 0

抵扣说明:

1.余额是钱包充值的虚拟货币,按照1:1的比例进行支付金额的抵扣。
2.余额无法直接购买下载,可以购买VIP、付费专栏及课程。

余额充值