7

Nginx allows custom log formats for access logs -- right now I'm logging http_x_forwarded_for and it's working fine.

The problem is my error log only shows the LB IP. After Googling and reading through their documentation, it seems error_log doesn't support a custom format, only setting the log level (info, alert, notice, warning, etc).

Is there any kind of workaround or module I could use to get around this?

For completeness, my setup is:

Amazon ELB -> pool of instances running nginx as a reverse proxy to php-fpm 7.0

skrewler
  • 308
  • 1
  • 3
  • 13

1 Answers1

16

You should be using the real IP module, so that the client's actual IP address is considered the remote IP address, rather than your load balancer's IP address. This way, you won't have to check X-Forwarded-For in your logs, nor in your application either.

It is simple to enable it, just supply your load balancer IP address(es):

set_real_ip_from  10.0.0.0/8;
set_real_ip_from  172.16.0.0/12;
set_real_ip_from  192.168.0.0/16;
real_ip_header    X-Forwarded-For;
Michael Hampton
  • 237,123
  • 42
  • 477
  • 940
  • This worked, I thought I had tried this module before (or something similarly named) and it didn't work/had some other reason we couldn't use it (this was at least 1-2 years ago). This seems to have done the trick for now -- though it's not perfect as we're still using EC2 Classic for this cluster/NonVPC ELB IPs change all the time, so we have to use the whole 10.0.0.0/8 range in your example. Thanks. – skrewler Feb 09 '18 at 22:48