I want to know what my client's IP address is when using Elastic Load Balancing (ELB). How can I configure my Apache server to log my client’s public IP addresses behind the load balancer?

You can configure your Apache server to log the X-Forwarded-For request header. By default, ELB supports the X-Forwarded-For header when using a HTTP or HTTPS listener.

Configure Apache to log the X-Forwarded-For header by completing the following steps:

1.    Locate the main Apache configuration file httpd.conf. This file is usually located at /etc/httpd/conf/httpd.conf.

2.    Edit the configuration file and find the section that contains LogFormat.

3.    Add the following to your combined LogFormat: “%{X-Forwarded-For}i” Consider the following example code in LogFormat:

LogFormat "%{X-Forwarded-For}i %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent

4.    Save the file and restart Apache for changes to take effect.

Note: The X-Forwarded-For header is a chain that consists of more than one IP address. When you have more than one IP address, the leftmost address should be the client IP address. You can also capture the client’s IP address by enabling ELB access logging. This captures detailed information requests sent to your load balancer. For more information, see Enable Access Logging.

Did this page help you? Yes | No

Back to the AWS Support Knowledge Center

Need help? Visit the AWS Support Center

Published: 2016-12-07

Updated: 2017-12-19