makeittotop · June 1, 2016 20:59
diff --git a/apache-log-enable-x-forwarded-for b/apache-log-enable-x-forwarded-for
 Apache LogFormat and CustomLog Configuration Changes

 Although Apache has a large number of options insofar as what gets logged is concerned, this article is going to focus on the combined log format, which typically involves logging the following items:

 Remote Host (will use hostnames if apache is configured to look them up)
 Remote logname (typically a dash but could contain the rfc1413-compliant remote user name)
 Remote User (typically a dash unless apache is doing some kind of authentication)
 Timestamp of when the request was received.  This is the local time for the server locale.
 The first line of the request (typically the request URI)
 The status code returned by the server (after redirection has taken place)
 The size of the request minus response headers
 The referring website, if present.
 The user-agent (browser, robot, spider, etc) that made the request.
 A default logging configuration in your httpd.conf looks like this:

 1
 LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
 2
 CustomLog log/acces_log combined
 There are several changes you are going to want to make to the default format in order to log the X-Forwarded-For client ip address or the real client ip address if the X-Forwarded-For header does not exist. Those changes are below:

 1
 LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
 2
 LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
 3
 SetEnvIf X-Forwarded-For "^.*\..*\..*\..*" forwarded
 4
 CustomLog "logs/access_log" combined env=!forwarded
 5
 CustomLog "logs/access_log" proxy env=forwarded
	Apache LogFormat and CustomLog Configuration Changes

	Although Apache has a large number of options insofar as what gets logged is concerned, this article is going to focus on the combined log format, which typically involves logging the following items:

	Remote Host (will use hostnames if apache is configured to look them up)
	Remote logname (typically a dash but could contain the rfc1413-compliant remote user name)
	Remote User (typically a dash unless apache is doing some kind of authentication)
	Timestamp of when the request was received. This is the local time for the server locale.
	The first line of the request (typically the request URI)
	The status code returned by the server (after redirection has taken place)
	The size of the request minus response headers
	The referring website, if present.
	The user-agent (browser, robot, spider, etc) that made the request.
	A default logging configuration in your httpd.conf looks like this:

	1
	LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-agent}i\"" combined
	2
	CustomLog log/acces_log combined
	There are several changes you are going to want to make to the default format in order to log the X-Forwarded-For client ip address or the real client ip address if the X-Forwarded-For header does not exist. Those changes are below:

	1
	LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
	2
	LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" proxy
	3
	SetEnvIf X-Forwarded-For "^.\..\..\.." forwarded
	4
	CustomLog "logs/access_log" combined env=!forwarded
	5
	CustomLog "logs/access_log" proxy env=forwarded