Apache log format issue with EasyApache 4 (apache 2.4), Varnish and mod_remoteip

I have Varnish (manually installed and configured) running in front of Apache – works like a charm. The only issue I'm having now is that the X-Forwarded-For header set by Varnish (yes, it's working) is not being correctly picked up by Apache, so the IP of my server shows up in all log files.

I have tried following the steps outlined in this thread to modify the log format used for vhosts, but to no avail: mod_remoteip and correct ip in vhost access logs

I would love to hear from anybody who has a similar setup, and who managed to get this very important part right.

EDIT: I should probably clarify that I am running Cloudlinux 7 with cPanel 11.56.0 (build 24)

 

I tried following the instructions pointed to in the linked thread, but they did NOT work for me. The problem seems to be that the LogFormat directives in /usr/local/apache/conf/httpd.conf are not in any way affected by running:

Code:

sed -i.original -e 's/\(logformat.*\)%h\(.*\)/\1%a\2/' /var/cpanel/conf/apache/main
sed -i.original -e 's/\(.*\)%h \(.* combinedvhost.*\)/\1%a \2/' /usr/local/cpanel/Cpanel/AdvConfig/apache.pm
/scripts/rebuildhttpdconf
/scripts/restartsrv_httpd

In fact, after running the commands above, the output of grep LogFormat /usr/local/apache/conf/httpd.conf looks like this:

Code:

LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
LogFormat "%a %l %u %t \"%r\" %>s %b" common
LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

Despite the sed commands clearly doing what they are supposed to do. In other words, it looks like running /scripts/rebuildhttpdconf does not parse /var/cpanel/conf/apache/main and/or /usr/local/cpanel/Cpanel/AdvConfig/apache.pm.

The only way I can currently get this to work is by replacing %h with %a directly in /usr/local/apache/conf/httpd.conf, but I have no idea if these modifications will persist after a cPanel update or not. Time will tell I guess.

 

It would appear that your approach works, but it does leave me wondering why there isn't a more straight forward way of overriding Apache configuration directives without having to jump through so many hoops to ensure that changes are not overwritten by cPanel update.