Visitor logged IP is always Cloudflare IP

Discussion in 'ISPConfig 3 Priority Support' started by HenrysCat, Jul 10, 2020.

  1. HenrysCat

    HenrysCat Member

  2. till

    till Super Moderator Staff Member ISPConfig Developer

    You'll probably have to alter the LogFormat in the apache ispconfig.conf file in the way the tutorial from Cloudflare describes it. But this will affect all sites.
     
  3. HenrysCat

    HenrysCat Member

    How would it affect all sites?
     
  4. HenrysCat

    HenrysCat Member

    Would the be /etc/apache2/sites-available/ispconfig.conf ?
     
  5. till

    till Super Moderator Staff Member ISPConfig Developer

    Logging is done for all sites centrally by vlogger.

    Yes, but as mentioned above, changing this will change logging for all sites on your server.
     
  6. HenrysCat

    HenrysCat Member

    What I mean is, in what way will affect all sites? will sites not behind Cloudflare stop logging or log differently?

    Also is this the correct path for site configuration as step 2?
    /etc/apache2/sites-available/000-default.conf
    or should I edit mydomain.conf ?
     
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    All other sites will probably have no or wrong IP addresses in their logs.

    This file contains the LogFormat which is used by all sites.

    Individual sites have no LogFormat settings as logging is done centrally by vlogger.
     
  8. HenrysCat

    HenrysCat Member

    I can't get this working, etc/apache2/sites-available/000-default.conf looks ike this
    Code:
    <VirtualHost *:80>
        # The ServerName directive sets the request scheme, hostname and port that
        # the server uses to identify itself. This is used when creating
        # redirection URLs. In the context of virtual hosts, the ServerName
        # specifies what hostname must appear in the request's Host: header to
        # match this virtual host. For the default virtual host (this file) this
        # value is not decisive as it is used as a last resort host regardless.
        # However, you must set it for any further virtual host explicitly.
        #ServerName www.example.com
    
        ServerAdmin [email protected]
        DocumentRoot /var/www/html
        RemoteIPHeader CF-Connecting-IP
        # Available loglevels: trace8, ..., trace1, debug, info, notice, warn,
        # error, crit, alert, emerg.
        # It is also possible to configure the loglevel for particular
        # modules, e.g.
        #LogLevel info ssl:warn
    
        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined
    
        # For most configuration files from conf-available/, which are
        # enabled or disabled at a global level, it is possible to
        # include a line for only one particular virtual host. For example the
        # following line enables the CGI configuration for this host only
        # after it has been globally disabled with "a2disconf".
        #Include conf-available/serve-cgi-bin.conf
    </VirtualHost>
    
    # vim: syntax=apache ts=4 sw=4 sts=4 sr noet
    And top few lines of etc/apache2/sites-available/ispconfig.conf look like this

    Code:
    ################################################
    # ISPConfig Logfile configuration for vlogger
    ################################################
    
    SetEnvIf Request_URI "^/datalogstatus.php$" dontlog
    
    LogFormat "%v %a %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined_ispconfig
    CustomLog "| /usr/local/ispconfig/server/scripts/vlogger -s access.log -t \"%Y%m%d-access.log\" /var/log/ispconfig/httpd" combined_ispconfig env=!dontlog
    Only changed the %h to %a, I have added the file /etc/apache2/conf-available/remoteip.conf
    Rebooted the server and purged the Cloudflare cache, stuck now :)
     
  9. till

    till Super Moderator Staff Member ISPConfig Developer

    Sorry, the only file you have to alter is /etc/apache2/sites-available/ispconfig.conf

    Might even be that the apache module you use is not working with piped logging scripts like blogger. I never use that module, so I can't say for sure.
     
  10. HenrysCat

    HenrysCat Member

  11. till

    till Super Moderator Staff Member ISPConfig Developer

    Yes, step 2 is when you have only one website on the server which is located in
    /var/www/html folder.
     
  12. HenrysCat

    HenrysCat Member

    Tried still same, thinking about it is the line from step 2 "RemoteIPHeader CF-Connecting-IP" not need to read the IP list created in step 4?
     
  13. HenrysCat

    HenrysCat Member

    Got it working :)
    The Cloudflare guide said add this /etc/apache2/conf-available/remoteip.conf
    it shoud be /etc/apache2/conf-enabled/remoteip.conf

    I have tried with and without step 2 just to satisfy my curiosity and of course you are right Till
    Thanks for your help
     
    ahrasis and till like this.
  14. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    I think it actually should be added to conf-available, and then do command a2enconf remoteip.
     
  15. HenrysCat

    HenrysCat Member

    Hmmm, it's working so I won't touch, but if anything changes I'll try this, Thanks :)
     

Share This Page