WHM 96 Nginx Visitor IP for ModSec and CSF

thewebexpert

Member
May 6, 2013
9
1
53
cPanel Access Level
Root Administrator
Good afternoon! I thought I would check out the new WHM 96 Nginx feature. one magic button click and the server will start using nginx.

What I noticed immediately in the APACHE STATUS screen, all visitors was the server ips ... And in ModSecuity logs, all "hits" were also the server ip.

I tried the rebuild config, restart nginx, restart apache, but in the end, I did not see Visitor IP for ModSec and apache, and was also concerned that CSF also would be getting the wrong data.

Has anyone tried running NGIX with ModSec and CSF (Config Server Firewall) ...

Update: I had to remove NGIX to put the visitors back to normal for now

Thanks!
 

andrew.n

Well-Known Member
Jun 9, 2020
611
175
43
EU
cPanel Access Level
Root Administrator
Have a look at this:


  • Install the mod_remoteip Apache module. This module allows Apache to log the IP address correctly when you use NGINX as a reverse proxy.
 

thewebexpert

Member
May 6, 2013
9
1
53
cPanel Access Level
Root Administrator
That does not really talk about the server ip showing up in the mod security logs .. it just talks about the non static content not being intercepted by modsecurity, no does it talk about CSF...

mod_remoteip was already installed