@soume86 wrote:
Hello,
I just installed haproxy as reverse proxy for apache under centos 7.
I configured it to do ssl from end to end (client <- ssl -> haproxy <- ssl -> srv_web).
Everything works, the only problem is that at the level of logs apache, it is impossible to have the IP address of the client.
My configuration:
frontend http-in
bind *:80
mode http
option httplog
redirect scheme https code 301 if !{ ssl_fc }
acl acl1 hdr(host) domain.fr
use_backend back1 if acl1frontend https-in
bind *:443 ssl crt cert.pem no-sslv3
mode http
option httplog
acl acl1 hdr(host) domain.fr
use_backend back1 if acl1backend back1
mode http
option httpchk
option forwardfor except 127.0.0.1
http-request add-header X-Forwarded-Proto https if { ssl_fc }
option forwardfor header X-Client
server web-server1 10.10.0.1:8443 ssl verify noneIn apache : httpd.conf
LogFormat "%{X-Forwarded-For}i %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
Would anyone have an idea?
Thank you in advance
Posts: 1
Participants: 1