Nginx as a reverse proxy for Apache
A traditional setup is having Nginx as a frontend and then running Apache through reverse proxy. The Apache logs become full of just a single IP address, the accesses from the Nginx server – usually 127.0.0.1 if you are running both on the same server.
No more GeoIP decisions on the backend or any other feature by remote address.
But we know that Nginx passes along the original client IP address on a HTTP header named X-Forwarded-For
to the backend server. It would be awesome if Apache could deal with that,
Have no fear, Reverse Proxy Add Forward is here!
Fortunately there is already a module that injects the IP on a special header to the HTTP request to Apache: mod_rpaf
The installation couldn’t be more simple than
$ sudo apt-get install libapache2-mod-rpaf
It will enabled it automatically
/etc/apache2/mods-enabled/rpaf.conf
/etc/apache2/mods-enabled/rpaf.load
In Nginx I usually include /etc/nginx/proxy.conf
in my configuration. It already has these lines to help that everything works easily
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
Just restart the Apache server
$ sudo service apache2 restart
But there’s a problem
Unfortunately it won’t work if you are using Ubuntu 12.04.
mod_rpaf
is not working on Precise !
There is a bug with the package that is known to Canonical since last December as you can see in the bug track. Being a LTS version I don’t understand this attitude from them.
$ cat /etc/apache2/mods-enabled/rpaf.conf
RPAFenable On
RPAFsethostname On
RPAFproxy_ips 127.0.0.1 ::1
And the problem is that it is originally named mod_rpaf-2.0.c
.
$ strings /usr/lib/apache2/modules/mod_rpaf.so | grep mod_rpaf
mod_rpaf.so
mod_rpaf-2.0.c
Enable mod_rpaf
Let mod_rpaf set the hostname from X-Host header and update vhosts
Just edit the first line of /etc/apache2/mods-enabled/rpaf.conf
and change it to
Restart again the Apache2 server and you will start to get all those remote IPs on your log files.
Conclusion
If it was not for the known bug this post could have been just one line to install mod_rpaf
:-)
thanks! You made my day.
Thanks for
Hey. i have installed libapache2-mod-rpaf in apache restarted it and checked y conf in nginx :
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
but it isn’t working?