I would like to know what my client's IP address is when using Elastic Load Balancing (ELB). How can I configure my Apache server to log my client’s public IP addresses behind the load balancer?

You can configure your Apache server to log the X-Forwarded-For request header. ELB by default supports the X-Forwarded-For header when using a HTTP or HTTPS listener.

Configure Apache to log the X-Forwarded-For header by completing the following steps:

1.    Locate the main Apache configuration file httpd.conf. This file is usually located at /etc/httpd/conf/httpd.conf.

2.    Edit the configuration file and find the section that contains LogFormat.

3.    Add the following to your combined LogFormat: “%{X-Forwarded-For}i”

4.    Consider the following example code in logformat:

LogFormat "%{X-Forwarded-For}i %h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\"" combined

LogFormat "%h %l %u %t \"%r\" %>s %b" common

LogFormat "%{Referer}i -> %U" referer

LogFormat "%{User-agent}i" agent

4.    After adding “%{X-Forwarded-For} into your combined LogFormat, save the file and restart Apache for changes to take effect.

Note: The X-Forwarded-For header is a chain that consists of more than one IP address. When you have more than one IP address, the leftmost address should be the client IP address. For more information, see Enable Access Logging.

VPC, endpoint, subnet, private

Did this page help you? Yes | No

Back to the AWS Support Knowledge Center

Need help? Visit the AWS Support Center

Published: 2016-12-07