Now apache 2.4 provide areal remoteIP software . It there will be enabled by default . You can check it as follows,
# httpd -l | grep mod_remoteip.c mod_remoteip.c
If you get the above results that means the remoteip module already compiled and enable in apache. otherwise you can download it from
https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/metadata/mod_remoteip.c
And compile it as follows,
# apxs -cia mod_remoteip.c
You may now need to add the following lines to httpd.conf for enabling this REMOTE_ADDR with real visitor Ip as follows,
Add the following lines to httpd.conf
#LoadModule remoteip_module /usr/lib/apache/mod_remoteip.so # This line only need if you compile this module alone RemoteIPHeader X-Real-IP RemoteIPInternalProxy X.X.X.X/24 # Your server IP address
Also please note this module is not available for lower versions of apache like apache 2.2.x , for that you have to use the mod_rpaf module itself .
I’m getting this in Debian wheezy after restarting apache with the new compiled module:
apache2: Syntax error on line 119 of /etc/apache2/apache2.conf: Syntax error on line 1 of /etc/apache2/mods-enabled/remoteip.load: Cannot load /usr/lib/apache2/modules/mod_remoteip.so into server: /usr/lib/apache2/modules/mod_remoteip.so: undefined symbol: ap_log_rerror_
You will might need to change the log format from:
LogFormat “%h %l %u %t \”%r\” %>s %O \”%{Referer}i\” \”%{User-Agent}i\”” combined
Into(replacing the %h with %a):
LogFormat “%a %l %u %t \”%r\” %>s %O \”%{Referer}i\” \”%{User-Agent}i\”” combined
Error, please help me!
/app/httpd/bin/apxs -cia mod_remoteip.c
/app/httpd/build/libtool –silent –mode=compile gcc -prefer-pic -DLINUX=2 -D_REENTRANT -D_GNU_SOURCE -g -O2 -pthread -I/app/httpd/include -I/app/httpd/include -I/app/httpd/include -c -o mod_remoteip.lo mod_remoteip.c && touch mod_remoteip.slo
mod_remoteip.c: In function ‘remoteip_modify_request’:
mod_remoteip.c:258: error: ‘request_rec’ has no member named ‘useragent_addr’
mod_remoteip.c:258: error: ‘request_rec’ has no member named ‘useragent_addr’
mod_remoteip.c:258: error: ‘conn_rec’ has no member named ‘client_addr’
mod_remoteip.c:319:68: error: invalid digit “8” in octal constant
mod_remoteip.c:320: error: expected ‘)’ before string constant
mod_remoteip.c:357:68: error: invalid digit “9” in octal constant
mod_remoteip.c:358: error: expected ‘)’ before string constant
It looks like you are using wrong mod_remoteip.c file . What is your apache version . You must use the apxs2 and the mod_remoteip.c included in the source of the correct version.
Hi
Thank you for taking the time to share this post. Of all the ones I found, it was the most direct and actionable. So thanks for that.
I was having a problem that I wonder if you can help with. I successfully installed, and think, configured mod_remoteip. At least I didn’t get any errors. I even updated the log format like you recommended, per someone else’s guidance. I still though struggle pulling the real IP of the real visitor.
I posted my inquiry on stackoverflow: https://stackoverflow.com/questions/40392032/cant-get-logs-to-show-real-ip-w-mod-remoteip-and-sucuri but I was wondering if you’d be able to offer any insights.
I’m running a CentOS 7 machine, with Apache 2.4.6.
Thank you so much in advance for your time and attention.
Hello,
I think the error is on RemoteIPHeader Add it as follows,
RemoteIPHeader X-Real-IP
RemoteIPInternalProxy 127.0.0.1
RemoteIPInternalProxy 2a02:fe80::/29
RemoteIPInternalProxy 192.88.134.0/23