-
Logging IP’s on Apache while behind an ELB
We recently had an issue where we had to track the IP’s of the remote hosts connecting to the servers behind our Amazon elastic load balancer. In order to accomplish this we had to adjust the LOGFORMAT of the apache server to log that X-FORWARDED-FOR header that is sent by the ELB. This can vary depending on the server, but you will either need to edit your httpd.conf or apache2.conf file (often in /etc/apache2/).
Add the following to your apache config (comment out the existing settings).
First to find where to place it, you can just search out LOGFORMAT to find the existing settings. Comment the out (or delete if you want) and add the following:LogFormat "%v:%p %{X-Forwarded-For}i %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %O" common
Now restart your apache server and you should start to see the IP’s in the logs versus just the load balancer IP.
This is useful if you want to try to block or limit traffic to/from specific IP’s to the servers behind the ELB.
1 Trackbacks / Pingbacks
-
[…] One such way to accomplish this is to first allow logging of the IP from the ELB using the X-Forwarded-For header. You can see how to do this here. […]
Leave a reply
-
Blocking IP’s while behind an Amazon ELB with Apache @ Computer Plumber June 3rd, 2013 at 16:24