Logging Real IP with haproxy and nginx

References

https://ma.ttias.be/nginx-access-log-log-the-real-users-ip-instead-of-the-proxy/


haproxy.conf

backend systemerror.co.za
...
    option httpclose
    option forwardfor
    http-request set-header X-Forwarded-Port %[dst_port]
    http-request add-header X-Forwarded-Proto https if { ssl_fc }

nginx.conf

http {
...
   log_format main '$http_x_forwarded_for - $remote_user [$time_local] '
               '"$request" $status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent"' ;    
...
server {
    server_tokens off;
    add_header X-Powered-By DARKSLB;
    add_header X-Frame-Options SAMEORIGIN;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    access_log syslog:server=elk.systemerror.co.za:514,facility=local5,severity=info main;   

sample log output

219.131.84.126 - - [01/Mar/2018:19:33:48 +0200] "GET /2018/03/01/untitled/ HTTP/1.1" 200 6848 "http://www.systemerror.co.za/" "Opera/9.80 (Windows NT 6.2; Win64; x64) Presto/2.12.388 Version/12.17"  
comments powered by Disqus