2

i am struggling with HAProxy setup. Everything works well except IP, which is still displayed as local on web server instead of public. I have tried enable "option forwardfor" doesn´t work.

My setup is like. Mikrotik router, where is public IP. I have forwarded all web traffic to HAProxy server 192.168.1.7 On LAN are two webservers 192.168.1.20 and 192.168.1.21 website are displayed correctly but wehn I check on webserver $_SERVER['REMOTE_ADDR'] I still getting Local IP of HAProxy (192.168.1.7).

Any ideas Thanks

Josef

Josef
  • 21
  • 2

1 Answers1

1

You will want to have HAProxy pass the client IP within a header such as X-Forwarded-For or another equivalent header. See the documentation for option forwardfor https://www.haproxy.com/documentation/hapee/2-1r1/onepage/#4-option%20forwardfor

dcorbett
  • 452
  • 2
  • 2
  • option forwardfor adds the X-Forwarded-For HTTP header with the original IP, but if you are looking at the source address, it will still show up as the load balancer's internal address. In order to read the external IP of the user who connected to the load balancer, you need to modify your code (or your web server configuration) to specifically read that header. See https://totaluptime.com/kb/getting-the-original-client-ip-with-x-forwarded-for-in-your-code/ for some examples of this in different languages. – terafl0ps Mar 30 '20 at 16:58
  • So if I understand well, I need to amend my proxy setting according to this documentation https://www.haproxy.com/documentation/hapee/2-1r1/onepage/#4-option%20forwardfor (my config is below, is that correct?) and then amend aslo PHP code like this `$headers = apache_request_headers(); $real_client_ip = $headers["X-Forwarded-For"];` – Josef Mar 30 '20 at 17:33