I have a situation where I may have to do some context-dependent
balancer routing.
I presently have a global balancer which can load-balance to any of the
target servers:
# IP addresses have been changed to protect the innocent
BalancerMember ajp://10.0.1.10:8009
BalancerMember ajp://10.0.1.20:8
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mike,
On 10/2/14 2:27 PM, Mike Rumph wrote:
> On 10/2/2014 11:07 AM, Christopher Schultz wrote:
>> -BEGIN PGP SIGNED MESSAGE- Hash: SHA256
>>
>> Mike,
>>
>> Okay, using %a works when using mod_remoteip. AWS Linux uses %h
>> by default for
On 10/2/2014 11:07 AM, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mike,
Okay, using %a works when using mod_remoteip. AWS Linux uses %h by
default for its httpd.conf definition of "combined" log format, so
I've changed that and I'm getting the logging I desire.
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mike,
On 10/2/14 1:18 PM, Mike Rumph wrote:
> It just occurred to me that you might be referring to the first
> field (%h) in your log records. This is going to be the remote
> hostname. So this is showing the IP address of your immediate
> proxy. I
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mike,
On 10/2/14 1:18 PM, Mike Rumph wrote:
> It just occurred to me that you might be referring to the first
> field (%h) in your log records.
Precisely.
> This is going to be the remote hostname. So this is showing the IP
> address of your immed
Hello Christopher,
It just occurred to me that you might be referring to the first field
(%h) in your log records.
This is going to be the remote hostname.
So this is showing the IP address of your immediate proxy.
If you want to see the true original client IP address (as calculated by
mod_re
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mike,
On 10/2/14 12:37 PM, Christopher Schultz wrote:
> With my above configuration, I got a line in my (your) access log
> that looks like this:
>
> 10.32.219.77 71.178.180.80 10.32.219.77 xf="-" - -
> [02/Oct/2014:16:33:39 +] "GET" "GET /too
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA256
Mike,
On 10/2/14 12:04 PM, Mike Rumph wrote:
> Since you are running 2.4.10, you have the latest mod_remoteip
> fixes. But I think the problem is in the directives that you are
> using:
>
> RemoteIPHeader X-Forwarded-For #RemoteIPTrustedProxy 10.0.
Hello Christopher,
Since you are running 2.4.10, you have the latest mod_remoteip fixes.
But I think the problem is in the directives that you are using:
RemoteIPHeader X-Forwarded-For
#RemoteIPTrustedProxy 10.0.0.0/8
If you only use the RemoteIPHeader directive, then the default is
Mike,
On 10/1/14 5:40 PM, Mike Rumph wrote:
> What version of Apache httpd are you running?
Thanks for the reply. We are running 2.4 and 2.2 on various servers, but
I'm starting with this one:
Server version: Apache/2.4.10 (Amazon)
Server built: Jul 30 2014 23:57:28
This is the httpd package
We are about to introduce client certificates for (optional) authentication.
...
SSLOptions +StdEnvVars +ExportCertData
SSLCACertificateFile conf/ssl.crt/ca.crt SSLVerifyClient optional
SSLVerifyDepth 4 ...
Unfortunately Safari@mac has "problems" (apparently a bug) connecting to Apache
http
11 matches
Mail list logo
