关闭

apache 日志中记录代理IP以及真实客户端IP

标签: apache
177人阅读 评论(0) 收藏 举报
分类:

说明:我用的是nginx反向代理,实际上就是在logformat中添加%{X-FORWARDED-FOR}i,下面为实验过程

一、下面是我的nginx反向代理的配置文件内容

nginx主配置主配置文件

[root@nginx-server conf]# cat nginx.conf
worker_processes  1;
events {
    worker_connections  1024;
}
http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile        on;
    keepalive_timeout  65;
    upstream lb_server {
      server 192.168.17.10;
      server 192.168.17.11;
    }
    include extra/lbserver.conf;
}

lbserver配置文件

[root@nginx-server conf]# cat extra/lbserver.conf 
server {
    location / {
        proxy_pass http://lb_server;
        proxy_set_header Host      $host;
        proxy_set_header X-Forwarded-For $remote_addr;
    }
}

二、修改前

没有修改访问日志格式前的apache配置文件

<IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    <IfModule logio_module>
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>
    CustomLog "logs/access_log" common
</IfModule>

发现不能记录访问者的ip

[root@lamp-server ~]# tail -f /application/apache/logs/www-access_log 
192.168.17.13 - - [04/Dec/2016:13:40:29 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:40:31 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:40:34 +0800] "GET / HTTP/1.0" 200 35
  2.168.17.13 - - [04/Dec/2016:13:40:36 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:40:38 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:56:23 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:56:25 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:56:27 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:56:29 +0800] "GET / HTTP/1.0" 200 35
192.168.17.13 - - [04/Dec/2016:13:56:31 +0800] "GET / HTTP/1.0" 200 35

三、修改后

修改过访问日志格式后的apache配置文件

<IfModule log_config_module>
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    LogFormat "%h %l %u %t \"%r\" %>s %b %{X-FORWARDED-FOR}i" common
    <IfModule logio_module>
      LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\" %I %O" combinedio
    </IfModule>
    CustomLog "logs/access_log" common
</IfModule>

修改后再次访问测试

[root@lamp-server ~]# > /application/apache/logs/www-access_log        
[root@lamp-server ~]# tail -f /application/apache/logs/www-access_log 
192.168.17.13 - - [04/Dec/2016:14:04:49 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:04:51 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:04:53 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:04:55 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:04:57 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:04:59 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:05:01 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:05:03 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199
192.168.17.13 - - [04/Dec/2016:14:05:05 +0800] "GET / HTTP/1.0" 200 35 192.168.17.199

附录:我在客户机上的测试脚本

[root@myblog ~]# for n in `seq 20`;do curl www.amsilence.com;sleep 1;done;

注意:如果你在虚拟主机上面引用什么日志格式,就需要修改对应日志格式上的参数,不能改到别的日志格式上面

0
0

查看评论
* 以上用户言论只代表其个人观点,不代表CSDN网站的观点或立场
    个人资料
    • 访问:11948次
    • 积分:333
    • 等级:
    • 排名:千里之外
    • 原创:22篇
    • 转载:0篇
    • 译文:0篇
    • 评论:0条