A computer engineer poking at your cerebral cortex.

mod rpaf for apache2

November 13, 2012

If you have ever had to deal with a high available web site you have built a number of apache nodes behind some kind of load balancer. This can be anything from an F5 to a software load balancer provided by some ISP. The number one problem you run into when running this is apache2 is going to just log the IP of the load balancer over and over again because this is really where the traffic is coming from. Knowing the original IP of the user is very important for logging, security, and other tools like awstats. The load balancer will pass the client information over the http header to apache2. First install the module:

# if you haven't installed apache2 already
apt-get install apache2
 
# now install the module
apt-get install libapache2-mod-rpaf
 
# now make sure your new module is enabled
a2enmod rpaf

Now there is one more step is you have to tell rpaf what IP your load balancer is using. If you tail -f /var/log/apache2/access.log and hit your web site you will see your load balancer internal IP address. Now add that IP address to file /etc/apache2/mods-available/rpaf.conf. Below is a sample of mine:

<ifmodule mod_rpaf.c>
RPAFenable On
RPAFsethostname On
RPAFproxy_ips 192.168.1.1
</ifmodule>

Now you want to restart apache2 & tail your apache2 log:

service apache2 restart && tail -f /var/log/apache2/access.log