I’m having Varnish as a frontend and then running Apache through reverse proxy. The Apache logs become full of just a single IP address, the accesses from the Varnish server – usually 127.0.0.1 if you are running both on the same server.
No more GeoIP decisions on the backend or any other feature by remote address.
But we know that Varnish passes along the original client IP address on a HTTP header named X-Forwarded-For to the backend server. It would be awesome if Apache could deal with that,
Fortunately there is already a module that injects the IP on a special header to the HTTP request to Apache: mod_remoteip
- Install mod_remoteip
install remoteipShell123cd /usr/local/srcwget https://svn.apache.org/repos/asf/httpd/httpd/trunk/modules/metadata/mod_remoteip.capxs -n remoteip -cia mod_remoteip.c
- Enable the module
Shell1sudo a2enmod remoteip
- Edit your apache2 configuration file
Shell1sudo nano /etc/apache2/apache2.conf
- Add this line at the end of the file
- Restart Apache service
Shell1sudo service apache2 restart
You should now get the client’s real IP address instead of varnish IP address.