From 63175c130ddaefe94e6d618e7456622051019e36 Mon Sep 17 00:00:00 2001 From: "A. Wilcox" Date: Tue, 27 May 2025 11:40:13 -0500 Subject: [PATCH] httpd config: Add X-Forwarded-For to our LogFormat For debugging and security response, we need to be able to know the original requestor's IP, not just the Traefik IP handling the request. This adds the content of the X-Forwarded-For header to the combined LogFormat, which is what we pipe out. If there is no content, Apache will log a "-"; there is no impact to images that directly face the Internet without being behind a proxy. --- files/etc/httpd/conf/httpd.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/files/etc/httpd/conf/httpd.conf b/files/etc/httpd/conf/httpd.conf index 9a76d19..37f0a59 100644 --- a/files/etc/httpd/conf/httpd.conf +++ b/files/etc/httpd/conf/httpd.conf @@ -189,7 +189,7 @@ LogLevel warn # The following directives define some format nicknames for use with # a CustomLog directive (see below). # - LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined + LogFormat "%h (for %{X-Forwarded-For}i) %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined LogFormat "%h %l %u %t \"%r\" %>s %b" common