I'm running an Nginx front-end for static files, and proxying to an Apache backend for PHP and Passenger, using Apache's mod_rpaf to set the correct remote IP address on the backend. Everything worked fine until I upgraded to Ubuntu 12.04 (Precise). Now Apache reports all connections coming from 127.0.0.1.
Here's the relevant configuration. Nothing here changed with the upgrade.
Nginx:
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
mod_rpaf:
<IfModule mod_rpaf.c>
RPAFenable On
RPAFsethostname On
RPAFproxy_ips 127.0.0.1 ::1
RPAFheader X-Forwarded-For
</IfModule>
I'm using %{X-Forwarded-For}i
in my Apache LogFormat directive and the access logs are
showing the correct remote address, so I know Nginx is passing the address along properly.
In a phpinfo()
test, HTTP_X_FORWARDED_FOR is showing the correct remote address, but REMOTE_ADDR is 127.0.0.1. This is reflected in PHP applications as well, such as WordPress comments.
I've tried switching Nginx and mod_rpaf to X-Real-IP with no effect.
Did something change that I missed?
Relevant version info, everything installed from the Ubuntu repository:
Nginx 1.1.19
Apache 2.2.22
mod_rpaf 0.6
Just been dealing with this myself. There was an Ubuntu bug confirmed on Friday. You can get things working again by changing:
to
in /etc/apache2/mods-available/rpaf.conf
mod_rpaf appears to have been deprecated in Debian Jessie, and further development halted. Switch to mod_remoteip, which is a default module in Debian Jessie.
Just an update to this question. The format of the variables mod_rpaf uses has changed - Apache will refuse to start with the ones listed above currently (RPAFenable, RPAFsethostname, RPAFproxy_ips, RPAFheader).
The new format is as follows: