I guess I'm stupid or what but I don't get this:
I'm using the RemoteIPHeader X-Forwarded-For within a VirtualHost configuration in order to determine GEO location of our users within our PHP application.
But I also would like to log the Remote IP of the clients within the apache logs.
The Apache combined log format looks like this:
LogFormat "%h (%{X-Forwarded-For}i) %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
According to documentation:
RemoteIPTrustedProxy Directive
The RemoteIPTrustedProxy directive adds one or more addresses (or address blocks) to trust as presenting a valid RemoteIPHeader value of the useragent IP. Unlike the RemoteIPInternalProxy directive, any intranet or private IP address reported by such proxies, including the 10/8, 172.16/12, 192.168/16, 169.254/16 and 127/8 blocks (or outside of the IPv6 public 2000::/3 block) are not trusted as the useragent IP, and are left in the RemoteIPHeader header's value.
In my case the directive looks like this:
RemoteIPTrustedProxy 172.31.0.0/16
Where I'm saying trust any PROXY forwarding from this local subnet.
BUT, when I set this Apache stops logging the remote IP because the forwarding proxy is valid now ?
So If I set:
RemoteIPTrustedProxy 10.10.10.10
The IP above doesn't exist. So the proxy servers from 172.31.0.0/16 are invalid now and therefore apache starts logging the remote IP header again?
Please, try to give me some guidance here, as obviously I don't understand this.
Thanks a lot !
