EPrints Technical Mailing List Archive

Message: #02074

< Previous (by date) | Next (by date) > | < Previous (in thread) | Next (in thread) > | Messages - Most Recent First | Threads - Most Recent First

[EP-tech] Re: x-forwarded ip in access table

On 04/07/13 08:16, Matthew Brady wrote:

We have just moved our server and needed to modify the apache .conf
files to use X-Forwarded-For, so we get the correct IP’s into the access
and error logs.  This is all working correctly.

The collection of ip’s in the access table was not handling the
x-forward header info.

Fixed it by editing this file, perl_lib/EPrints/Apache/LogHandler.pm,
and adding extra code to pick up the header info and fall back to
regular ip if not defined.

We did a slight variation here at EDINA, when we started using a proxy server (and note that Load Balancers can set a different header field) We took "remote_addr' unless remote_addr was in a defined list of IPs, when we referred to the X-Forwarded-For, and took the first element (if there's a sequence of proxies, X-Forwarded-For is a list)


Ian Stuart.
Developer: ORI, RJ-Broker, and OpenDepot.org
Bibliographics and Multimedia Service Delivery team,
The University of Edinburgh.


This email was sent via the University of Edinburgh.

The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.