1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 4:15 pm May 1, 2026

Forum Moderators: phranque

Message Too Old, No Replies

.htaccess way to include original IP in logs

         

phbyerly

8:16 pm on Apr 3, 2013 (gmt 0)

10+ Year Member



I have been using Incapsula, and for the most part like the service. However, I am not getting original IP addresses in my logs. They have plugins and fixes for CMS's, but the only suggestion for raw logs requires changes to httpd.conf, and I do not have access to that file on one server where I need to make this change.

Any way to make this happen from my .htaccess file? I think it should be possible with %{HTTP:X_FORWARDED_FOR}, but I lack the understanding to make it work.

Any help appreciated!

phranque

9:16 pm on Apr 3, 2013 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



the CustomLog directive is only valid in server config and virtual host contexts, so you'll need access to the config file to change the log format or add a custom access log.

phbyerly

11:35 pm on Apr 3, 2013 (gmt 0)

10+ Year Member



phranque - I think I follow, thanks.

There is a Incap-Client-IP header being added, with the original IP, and WordPress is getting that via the plugin. However my raw logs do not have the header.

Any ideas on a work around in a shared virtual hosting situation?

Thanks

lucy24

12:46 am on Apr 4, 2013 (gmt 0)

WebmasterWorld Senior Member 10+ Year Member Top Contributors Of The Month



Option B is to log the headers themselves. I think it was incrediBill who originally posted the code. It makes a pretty bulky file, but I'm sure you can tweak the code so it only shows the "X-forwarded-for" header.

That's assuming you have the option of including files. It needs to be part of each page. Same as analytics and anything else you've got: invisible to the user, just does its stuff in the background.

phranque

3:28 am on Apr 4, 2013 (gmt 0)

WebmasterWorld Administrator 10+ Year Member Top Contributors Of The Month



if you go with option B you can write your own log file into a subdirectory that is exactly the same format as the access log but with the "correct" IP address.
(you might not have status code and response size data available.)
i would suggest using basic authentication to prevent others from accessing files in this subdirectory without a password.
 

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week

  1. Home
  2. Forums Index
  3. Server Side / Apache Web Server 4:15 pm May 1, 2026