Custom log format for use with CloudFlare

[gboudreau]

Hi,

I enabled CloudFlare on a couple of my websites a couple of days ago, and now faced the problem where the real IP addresses of my visitor is not in my logs anymore.

CloudFlare sends the real IP of clients using a custom HTTP header, but since I'm not using the Enterprise version of LS, I can't use custom logs, and thus can't use "%{Foobar}i" instead of the standard %h.

Just wanted to share that I now lost my visitor's IP addresses because I can't customize the log format.
Would be happy if that feature (or any other way to make LS CloudFlare-compatible) would be avail. in the standard version.

Cheers.

 

[NiteWave]

is the customized header is "X-Forwarded-For"? then
http://www.litespeedtech.com/docs/webserver/config/general/#useIpInProxyHeader
will help.

 

[gboudreau]

Sadly, no.
It's HTTP_CF_CONNECTING_IP.

Not sure why they don't use the standard X-Forwarded-For...
Will ask them if maybe they could add an option to allow me to choose between both in my account settings... Would indeed fix the problem.

Thanks.

 

[gboudreau]

Apparently, they already do fill that header!
It was not documented, thus why I didn't think it was, but enabling this option did give me the correct IP in my logs!

Big thanks for the pointer.

Good day.

 

[NiteWave]

Apparently, they already do fill that header!

can you check if HTTP_CF_CONNECTING_IP and X-Forwarded-For has same value?

 

[gboudreau]

Yes, they are the same:
http://ip.danslereseau.com/

 

[NiteWave]

tested with the URL, not exact same, in my case:

HTTP-X-Forwarded-For: xx.xx.xx.xx,yy.yy.yy.yy
HTTP-CF-Connecting-IP: yy.yy.yy.yy

xx.xx.xx.xx is my IP, yy.yy.yy.yy is my ISP's http proxy IP.

 

[gboudreau]

Thanks. I'll see with them if that's supposed to be like this. I'd think HTTP-CF-Connecting-IP should be the client IP, not the proxy IP.

 

[jp0p]

I'm also going to give cloudflare.com a try. If I enable the "Use Client IP in Header" feature and I have sites that do not go through a proxy, will the original header information be populated correctly? Or does it only use the x-forwarded-for header exclusively for all sites after it is enabled?

Many thanks!

 

[gboudreau]

If there is no HTTP-X-Forwarded-For header, the client IP is logged, as it should.
I stopped using CloudFlare a while ago, and never disabled that option, and the correct IP addresses are logged for all requests.

 

[jp0p]

If there is no HTTP-X-Forwarded-For header, the client IP is logged, as it should.
I stopped using CloudFlare a while ago, and never disabled that option, and the correct IP addresses are logged for all requests.

Thanks for your reply gboudreau!