Welcome to WebmasterWorld Guest from 54.163.94.5

Forum Moderators: Ocean10000 & incrediBILL & phranque

Message Too Old, No Replies

.htaccess way to include original IP in logs

     
8:16 pm on Apr 3, 2013 (gmt 0)

New User

joined:Apr 3, 2013
posts: 2
votes: 0


I have been using Incapsula, and for the most part like the service. However, I am not getting original IP addresses in my logs. They have plugins and fixes for CMS's, but the only suggestion for raw logs requires changes to httpd.conf, and I do not have access to that file on one server where I need to make this change.

Any way to make this happen from my .htaccess file? I think it should be possible with %{HTTP:X_FORWARDED_FOR}, but I lack the understanding to make it work.

Any help appreciated!
9:16 pm on Apr 3, 2013 (gmt 0)

Administrator

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Aug 10, 2004
posts:10591
votes: 21


the CustomLog directive is only valid in server config and virtual host contexts, so you'll need access to the config file to change the log format or add a custom access log.
11:35 pm on Apr 3, 2013 (gmt 0)

New User

joined:Apr 3, 2013
posts: 2
votes: 0


phranque - I think I follow, thanks.

There is a Incap-Client-IP header being added, with the original IP, and WordPress is getting that via the plugin. However my raw logs do not have the header.

Any ideas on a work around in a shared virtual hosting situation?

Thanks
12:46 am on Apr 4, 2013 (gmt 0)

Senior Member from US 

WebmasterWorld Senior Member lucy24 is a WebmasterWorld Top Contributor of All Time 5+ Year Member Top Contributors Of The Month

joined:Apr 9, 2011
posts:13260
votes: 362


Option B is to log the headers themselves. I think it was incrediBill who originally posted the code. It makes a pretty bulky file, but I'm sure you can tweak the code so it only shows the "X-forwarded-for" header.

That's assuming you have the option of including files. It needs to be part of each page. Same as analytics and anything else you've got: invisible to the user, just does its stuff in the background.
3:28 am on Apr 4, 2013 (gmt 0)

Administrator

WebmasterWorld Administrator phranque is a WebmasterWorld Top Contributor of All Time 10+ Year Member Top Contributors Of The Month

joined:Aug 10, 2004
posts:10591
votes: 21


if you go with option B you can write your own log file into a subdirectory that is exactly the same format as the access log but with the "correct" IP address.
(you might not have status code and response size data available.)
i would suggest using basic authentication to prevent others from accessing files in this subdirectory without a password.