The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Apache log format issue with EasyApache 4 (apache 2.4), Varnish and mod_remoteip

Discussion in 'EasyApache' started by Mads Nordholm, Jul 4, 2016.

  1. Mads Nordholm

    Mads Nordholm Member

    Joined:
    Jun 7, 2015
    Messages:
    20
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Thailand
    cPanel Access Level:
    Root Administrator
    I have Varnish (manually installed and configured) running in front of Apache – works like a charm. The only issue I'm having now is that the X-Forwarded-For header set by Varnish (yes, it's working) is not being correctly picked up by Apache, so the IP of my server shows up in all log files.

    I have tried following the steps outlined in this thread to modify the log format used for vhosts, but to no avail: mod_remoteip and correct ip in vhost access logs

    I would love to hear from anybody who has a similar setup, and who managed to get this very important part right.

    EDIT: I should probably clarify that I am running Cloudlinux 7 with cPanel 11.56.0 (build 24)
     
    #1 Mads Nordholm, Jul 4, 2016
    Last edited: Jul 4, 2016
  2. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,724
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    You may want to try the last post in that thread instead, as it's reported as working from that user.

    Thank you.
     
  3. Mads Nordholm

    Mads Nordholm Member

    Joined:
    Jun 7, 2015
    Messages:
    20
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Thailand
    cPanel Access Level:
    Root Administrator
    I tried following the instructions pointed to in the linked thread, but they did NOT work for me. The problem seems to be that the LogFormat directives in /usr/local/apache/conf/httpd.conf are not in any way affected by running:

    Code:
    sed -i.original -e 's/\(logformat.*\)%h\(.*\)/\1%a\2/' /var/cpanel/conf/apache/main
    sed -i.original -e 's/\(.*\)%h \(.* combinedvhost.*\)/\1%a \2/' /usr/local/cpanel/Cpanel/AdvConfig/apache.pm
    /scripts/rebuildhttpdconf
    /scripts/restartsrv_httpd
    
    In fact, after running the commands above, the output of grep LogFormat /usr/local/apache/conf/httpd.conf looks like this:

    Code:
    LogFormat "%{Referer}i -> %U" referer
    LogFormat "%{User-agent}i" agent
    LogFormat "%a %l %u %t \"%r\" %>s %b" common
    LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    
    Despite the sed commands clearly doing what they are supposed to do. In other words, it looks like running /scripts/rebuildhttpdconf does not parse /var/cpanel/conf/apache/main and/or /usr/local/cpanel/Cpanel/AdvConfig/apache.pm.

    The only way I can currently get this to work is by replacing %h with %a directly in /usr/local/apache/conf/httpd.conf, but I have no idea if these modifications will persist after a cPanel update or not. Time will tell I guess.
     
  4. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,724
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    Hello,

    Run the Apache distiller after running those "sed" commands, but before running "/scripts/rebuildhttpdconf":

    Code:
    /usr/local/cpanel/bin/apache_conf_distiller --update
    Here's the result when I used this method:

    Code:
    # grep LogFormat /usr/local/apache/conf/httpd.conf
        LogFormat "%{Referer}i -> %U" referer
        LogFormat "%{User-agent}i" agent
        LogFormat "%h %l %u %t \"%r\" %>s %b" common
        LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
    Let us know if this helps.

    Thank you.
     
  5. Mads Nordholm

    Mads Nordholm Member

    Joined:
    Jun 7, 2015
    Messages:
    20
    Likes Received:
    1
    Trophy Points:
    3
    Location:
    Thailand
    cPanel Access Level:
    Root Administrator
    It would appear that your approach works, but it does leave me wondering why there isn't a more straight forward way of overriding Apache configuration directives without having to jump through so many hoops to ensure that changes are not overwritten by cPanel update.
     
  6. Miguel G

    Miguel G Member

    Joined:
    Jun 4, 2015
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    Twitter:
    After updating WHM 56 to 58 and migrating to EasyApache 4, this is not working for me anymore (I had EasyApache 3) and this has been working for almost 2 years.

    I have Varnish running in front of Apache.

    I have enabled mod_remoteip and made sure the module is loaded. I have added the following in /etc/apache2/conf.modules.d/360_mod_remoteip.conf
    Code:
    # Enable mod_remoteip
    LoadModule remoteip_module modules/mod_remoteip.so
    <IfModule remoteip_module>
      # These settings are specific to your environment, so
      # we'll leave them commented out until you manually set
      # them. I recommend carefully reading the documentation
      # as misconfiguration of this module can result in
      # potential data compromise.
      #
      # mod_remoteip - Apache HTTP Server Version 2.5
      # ---------------------------------------------------------
    
    RemoteIPHeader X-Forwarded-For
    RemoteIPInternalProxy myipaddress
    </IfModule>
    
    I have even tried modifying manually the httpd.conf with %a instead of %h and still is not working.
     
    #6 Miguel G, Aug 12, 2016
    Last edited by a moderator: Aug 12, 2016
  7. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,724
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
    It's possible this relates to the use of the third-party Varnish plugin, however feel free to open a support ticket using the link in my signature so we can take a closer look. You can post the ticket number here so we can update this thread with the outcome.

    Thank you.
     
  8. Miguel G

    Miguel G Member

    Joined:
    Jun 4, 2015
    Messages:
    21
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Spain
    cPanel Access Level:
    Root Administrator
    Twitter:
    Finally it worked following the instructions from this thread:

    Apache log format issue with EasyApache 4

    cp -a /var/cpanel/templates/apache2_4/ea4_main.default /var/cpanel/templates/apache2_4/ea4_main.local
    vi /var/cpanel/templates/apache2_4/ea4_main.local

    and change %h entries for %a
     
  9. cPanelMichael

    cPanelMichael Forums Analyst
    Staff Member

    Joined:
    Apr 11, 2011
    Messages:
    30,724
    Likes Received:
    660
    Trophy Points:
    113
    cPanel Access Level:
    Root Administrator
Loading...

Share This Page