Apache log format issue with EasyApache 4 (apache 2.4), Varnish and mod_remoteip

Mads Nordholm · Jul 4, 2016

I have Varnish (manually installed and configured) running in front of Apache – works like a charm. The only issue I'm having now is that the X-Forwarded-For header set by Varnish (yes, it's working) is not being correctly picked up by Apache, so the IP of my server shows up in all log files.

I have tried following the steps outlined in this thread to modify the log format used for vhosts, but to no avail: mod_remoteip and correct ip in vhost access logs

I would love to hear from anybody who has a similar setup, and who managed to get this very important part right.

EDIT: I should probably clarify that I am running Cloudlinux 7 with cPanel 11.56.0 (build 24)

cPanelMichael · Jul 11, 2016

Mads Nordholm said: ↑

I have tried following the steps outlined in this thread to modify the log format used for vhosts, but to no avail: mod_remoteip and correct ip in vhost access logs
Click to expand...

Hello,

You may want to try the last post in that thread instead, as it's reported as working from that user.

Thank you.

Mads Nordholm · Jul 11, 2016

I tried following the instructions pointed to in the linked thread, but they did NOT work for me. The problem seems to be that the LogFormat directives in /usr/local/apache/conf/httpd.conf are not in any way affected by running:
Code:
sed -i.original -e 's/\(logformat.*\)%h\(.*\)/\1%a\2/' /var/cpanel/conf/apache/main
sed -i.original -e 's/\(.*\)%h \(.* combinedvhost.*\)/\1%a \2/' /usr/local/cpanel/Cpanel/AdvConfig/apache.pm
/scripts/rebuildhttpdconf
/scripts/restartsrv_httpd
In fact, after running the commands above, the output of grep LogFormat /usr/local/apache/conf/httpd.conf looks like this:
Code:
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
LogFormat "%a %l %u %t \"%r\" %>s %b" common
LogFormat "%a %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
Despite the sed commands clearly doing what they are supposed to do. In other words, it looks like running /scripts/rebuildhttpdconf does not parse /var/cpanel/conf/apache/main and/or /usr/local/cpanel/Cpanel/AdvConfig/apache.pm.

The only way I can currently get this to work is by replacing %h with %a directly in /usr/local/apache/conf/httpd.conf, but I have no idea if these modifications will persist after a cPanel update or not. Time will tell I guess.

cPanelMichael · Jul 14, 2016

Hello,

Run the Apache distiller after running those "sed" commands, but before running "/scripts/rebuildhttpdconf":
Code:
/usr/local/cpanel/bin/apache_conf_distiller --update
Here's the result when I used this method:
Code:
# grep LogFormat /usr/local/apache/conf/httpd.conf
    LogFormat "%{Referer}i -> %U" referer
    LogFormat "%{User-agent}i" agent
    LogFormat "%h %l %u %t \"%r\" %>s %b" common
    LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
Let us know if this helps.

Thank you.

Mads Nordholm · Jul 16, 2016

It would appear that your approach works, but it does leave me wondering why there isn't a more straight forward way of overriding Apache configuration directives without having to jump through so many hoops to ensure that changes are not overwritten by cPanel update.

Miguel G · Aug 12, 2016

After updating WHM 56 to 58 and migrating to EasyApache 4, this is not working for me anymore (I had EasyApache 3) and this has been working for almost 2 years.

I have Varnish running in front of Apache.

I have enabled mod_remoteip and made sure the module is loaded. I have added the following in /etc/apache2/conf.modules.d/360_mod_remoteip.conf
Code:
# Enable mod_remoteip
LoadModule remoteip_module modules/mod_remoteip.so
<IfModule remoteip_module>
  # These settings are specific to your environment, so
  # we'll leave them commented out until you manually set
  # them. I recommend carefully reading the documentation
  # as misconfiguration of this module can result in
  # potential data compromise.
  #
  # mod_remoteip - Apache HTTP Server Version 2.5
  # ---------------------------------------------------------

RemoteIPHeader X-Forwarded-For
RemoteIPInternalProxy myipaddress
</IfModule>
I have even tried modifying manually the httpd.conf with %a instead of %h and still is not working.

cPanelMichael · Aug 22, 2016

It's possible this relates to the use of the third-party Varnish plugin, however feel free to open a support ticket using the link in my signature so we can take a closer look. You can post the ticket number here so we can update this thread with the outcome.

Thank you.

Miguel G · Oct 24, 2016

Finally it worked following the instructions from this thread:

Apache log format issue with EasyApache 4

cp -a /var/cpanel/templates/apache2_4/ea4_main.default /var/cpanel/templates/apache2_4/ea4_main.local
vi /var/cpanel/templates/apache2_4/ea4_main.local

and change %h entries for %a

cPanelMichael · Oct 25, 2016

I'm happy to see the issue is now resolved. Thank you for updating this thread with the outcome.

Forums

The Community Forums

Interact with an entire community of cPanel & WHM users!

Apache log format issue with EasyApache 4 (apache 2.4), Varnish and mod_remoteip

Mads Nordholm Active Member

cPanelMichael Technical Support Community Manager Staff Member

Mads Nordholm Active Member

cPanelMichael Technical Support Community Manager Staff Member

Mads Nordholm Active Member

Miguel G Well-Known Member

cPanelMichael Technical Support Community Manager Staff Member

Miguel G Well-Known Member

cPanelMichael Technical Support Community Manager Staff Member

Unable to find (or modify) log format in Apache configuration.

Apache status output with no vhost and request information

Failed to receive status information from Apache

EasyApache 4 Security Release Jan 16, 2019

EasyApache 4 update error

Share This Page

Useful Searches

The Community Forums

Interact with an entire community of cPanel & WHM users!

Apache log format issue with EasyApache 4 (apache 2.4), Varnish and mod_remoteip

Mads Nordholm Active Member

cPanelMichael Technical Support Community Manager Staff Member

Mads Nordholm Active Member

cPanelMichael Technical Support Community Manager Staff Member

Mads Nordholm Active Member

Miguel G Well-Known Member

cPanelMichael Technical Support Community Manager Staff Member

Miguel G Well-Known Member

cPanelMichael Technical Support Community Manager Staff Member

Unable to find (or modify) log format in Apache configuration.

Apache status output with no vhost and request information

Failed to receive status information from Apache

EasyApache 4 Security Release Jan 16, 2019

EasyApache 4 update error

Share This Page