ConohaVPSではアクセスIPはWAFのIPになります。
%{X-Forwarded-For}iを設定しようとしたら、注意文になにやらmod_remoteipを使えと。。
These deviate from the Common Log Format definitions in that they use %O
(the actual bytes sent including headers) instead of %b (the size of the requested file), because the latter makes it impossible to detect partial
requests.
#Note that the use of %{X-Forwarded-For}i instead of %h is not recommended.
#Use mod_remoteip instead.
LogFormat "%v:%p %h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" vhost_combined
LogFormat "%h %l %u %t \"%r\" %>s %O \"%{Referer}i\" \"%{User-Agent}i\"" combined
LogFormat "%h %l %u %t \"%r\" %>s %O" common
LogFormat "%{Referer}i -> %U" referer
LogFormat "%{User-agent}i" agent
知らなかった。
昔から%{X-Forwarded-For}iを追加を何も考えずに設定していたので初めてmod_remoteipを設定してみる。
root@conoha-dev:~#apachectl configtest
AH00526: Syntax error on line 227 of /etc/apache2/apache2.conf:
Invalid command 'RemoteIPHeader', perhaps misspelled or defined by a module not included in the server configuration
Action 'configtest' failed.
The Apache error log may have more information.
root@conoha-dev:~#
あれ?モジュールがない?
a2enmodでモジュールをロードします。
root@conoha-dev:/etc/apache2# a2enmod remoteip
Enabling module remoteip.
To activate the new configuration, you need to run:
systemctl restart apache2
root@conoha-dev:/etc/apache2# tree
├── mods-enabled
│ ├── access_compat.load -> ../mods-available/access_compat.load
│ ├── alias.conf -> ../mods-available/alias.conf
│ ├── alias.load -> ../mods-available/alias.load
│ ├── auth_basic.load -> ../mods-available/auth_basic.load
│ ├── authn_core.load -> ../mods-available/authn_core.load
│ ├── authn_file.load -> ../mods-available/authn_file.load
│ ├── authz_core.load -> ../mods-available/authz_core.load
│ ├── authz_host.load -> ../mods-available/authz_host.load
│ ├── authz_user.load -> ../mods-available/authz_user.load
│ ├── autoindex.conf -> ../mods-available/autoindex.conf
│ ├── autoindex.load -> ../mods-available/autoindex.load
│ ├── deflate.conf -> ../mods-available/deflate.conf
│ ├── deflate.load -> ../mods-available/deflate.load
│ ├── dir.conf -> ../mods-available/dir.conf
│ ├── dir.load -> ../mods-available/dir.load
│ ├── env.load -> ../mods-available/env.load
│ ├── filter.load -> ../mods-available/filter.load
│ ├── mime.conf -> ../mods-available/mime.conf
│ ├── mime.load -> ../mods-available/mime.load
│ ├── mpm_prefork.conf -> ../mods-available/mpm_prefork.conf
│ ├── mpm_prefork.load -> ../mods-available/mpm_prefork.load
│ ├── negotiation.conf -> ../mods-available/negotiation.conf
│ ├── negotiation.load -> ../mods-available/negotiation.load
│ ├── php7.2.conf -> ../mods-available/php7.2.conf
│ ├── php7.2.load -> ../mods-available/php7.2.load
│ ├── reqtimeout.conf -> ../mods-available/reqtimeout.conf
│ ├── reqtimeout.load -> ../mods-available/reqtimeout.load
│ ├── rewrite.load -> ../mods-available/rewrite.load
│ ├── setenvif.conf -> ../mods-available/setenvif.conf
│ ├── setenvif.load -> ../mods-available/setenvif.load
│ ├── socache_shmcb.load -> ../mods-available/socache_shmcb.load
│ ├── ssl.conf -> ../mods-available/ssl.conf
│ ├── ssl.load -> ../mods-available/ssl.load
│ ├── status.conf -> ../mods-available/status.conf
│ └── status.load -> ../mods-available/status.load
├── ports.conf
root@conoha-dev:/etc/apache2#apachectl configtest
Syntax OK
root@conoha-dev:/etc/apache2#