How to Add “X-Forwarded-For” information to Apache Web Server access log and error log

Keywords: Apache 2.4, Apache show client IP Address behind proxy, access log, error log, access.log, error.log, X-Forwarded-For

(For Apache 2.4 and newer versions)

By default, the apache access log and error log will not log “X-Forwarded-For” information, so that if the client is connecting via a proxy, the log might only contain the proxy server’s IP address.

By adding X-Forwarded-For information to log files, we will be able to tell the possible real IP address of the client.

Access Log Format

The default access log format in configuration file is

LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined

To add “X-Forwarded-For” information to the access log we just need to change it to:

LogFormat "%h %{X-Forwarded-For}i %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined

Apache 2.4 logformat documentation: https://httpd.apache.org/docs/2.4/mod/mod_log_config.html#logformat

Error Log Format

The default error log format is:

Example (default format for threaded MPMs)
ErrorLogFormat "[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] %M% ,\ referer\ %{Referer}i"

To add ” X-Forwarded-For ” information to the error log we need to change it to:

ErrorLogFormat "[%{u}t] [%-m:%l] [pid %P:tid %T] %7F: %E: [client\ %a] [%{X-Forwarded-For}i] %M% ,\ referer\ %{Referer}i"

Apache 2.4 logformat documentation: https://httpd.apache.org/docs/2.4/mod/core.html#errorlogformat

Leave a Reply

Your email address will not be published. Required fields are marked *