External IP Address

[protocole]

Hi Guys,

I am trying to log IPs that access our website, and I notice that every single line in the access log shows the same IP: xx.xx.xx..66, which is our server's external IP address.

It should be logging THEIR IP, not ours, there's no use in access logs if it only shows our own IP! I did some searching and came across the setting "Use Client IP in Header"

I tried setting that and restarting the server, but access logs still show our own IP. How can this be fixed?

 

[mistwang]

what is your front-end proxy? does it set "X-Forwarded-For" header?
You need to add the external IP as trusted IP, so server will use the IP in X-Forwarded-For header.

 

[protocole]

litespeed is the only web server we are running on this machine. NAT is enabled on our server, local ip is added on ethernet and public ip is not.

Litespeed logs showing server's public ip in logs. Public ip has been added in allowed list and set Use client ip was set to "trusted only" still no luck, any other idea?

Thanks for help

 

[mistwang]

If you do
"netstat -an | grep ESTA"
does it show the public IP or real client IP for the source IP?

I think you are running a frontend HTTP proxy, not simple NAT port forward at network layer 3.