<div dir="ltr"><div dir="ltr">You're welcome ;) </div><div dir="ltr">You just need to configure the rpaf module and stop using x-forwarded-for for you apache logs. Rpaf do all the job.<div><br></div><div><div>Explanation from the author:</div><div><br></div><div>“Rpaf changes the remote address of the client visible to other Apache modules when two conditions are satisfied. First condition is that the remote client is actually a proxy that is defined in module configuration. Secondly if there is an incoming X-Forwarded-For header and the proxy is in it's list of known proxies it takes the last IP from the incoming X-Forwarded-For header and changes the remote address of the client in the request structure.”</div></div></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">Le jeu. 21 févr. 2019 à 11:26, Gardener, Ray A <<a href="mailto:R.A.Gardener@shu.ac.uk">R.A.Gardener@shu.ac.uk</a>> a écrit :<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">
<div lang="EN-GB">
<div class="gmail-m_5142925366682637396WordSection1">
<p class="MsoNormal"><span>Hi Armando, <u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span>Thanks for this. Would I just need to configure the rpaf module on Apache? Is there anything else that needs doing in the zendto configuration?<u></u><u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal">Ray Gardener<u></u><u></u></p>
<p class="MsoNormal">Infrastructure Analyst<u></u><u></u></p>
<p class="MsoNormal">Digital technology Services<u></u><u></u></p>
<p class="MsoNormal">Sheffield Hallam University<u></u><u></u></p>
<p class="MsoNormal">0114 225 4926<u></u><u></u></p>
<p class="MsoNormal"><u></u> <u></u></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><span><u></u> <u></u></span></p>
<p class="MsoNormal"><b><span lang="EN-US">From:</span></b><span lang="EN-US"> ZendTo <<a href="mailto:zendto-bounces@zend.to" target="_blank">zendto-bounces@zend.to</a>>
<b>On Behalf Of </b>Armando Martins via ZendTo<br>
<b>Sent:</b> 21 February 2019 09:40<br>
<b>To:</b> ZendTo Users <<a href="mailto:zendto@zend.to" target="_blank">zendto@zend.to</a>><br>
<b>Cc:</b> Armando Martins <<a href="mailto:armando.mart1s@gmail.com" target="_blank">armando.mart1s@gmail.com</a>><br>
<b>Subject:</b> Re: [ZendTo] support for x-forwarded-for headers<u></u><u></u></span></p>
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<p class="MsoNormal">Hi,<u></u><u></u></p>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<div>
<p class="MsoNormal">you can use the rpaf apache module. I use this behind haproxy and it works fine.<u></u><u></u></p>
</div>
</div>
<p class="MsoNormal"><u></u> <u></u></p>
<div>
<div>
<p class="MsoNormal">Le jeu. 21 févr. 2019 à 10:27, Gardener, Ray A via ZendTo <<a href="mailto:zendto@zend.to" target="_blank">zendto@zend.to</a>> a écrit :<u></u><u></u></p>
</div>
<blockquote style="border-top:none;border-right:none;border-bottom:none;border-left:1pt solid rgb(204,204,204);padding:0cm 0cm 0cm 6pt;margin-left:4.8pt;margin-right:0cm">
<div>
<div>
<p class="MsoNormal">Hi,
<u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal">Access to our zendto installation is behind an F5 load-balancing proxy. The affect of this is that the IP addresses of client access all look to come from the IP address associated
with the proxy rather than the actual IP address of the client machines. The proxy address is what is captured in the zendto database and is included in the reports which zendto sends out. For security it would be useful to see the client IP addresses.
The Apache server can be configured to log this as an x-forwarded-for address<u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal"><a href="https://en.wikipedia.org/wiki/X-Forwarded-For" target="_blank">https://en.wikipedia.org/wiki/X-Forwarded-For</a><u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal">is there any way that zendto con be configured to use either x-forwarded-for or a similar mechanism to log and report the real IP address of the client?<u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal">Ray Gardener<u></u><u></u></p>
<p class="MsoNormal">Infrastructure Analyst<u></u><u></u></p>
<p class="MsoNormal">Digital Technology Services<u></u><u></u></p>
<p class="MsoNormal">Sheffield Hallam University<u></u><u></u></p>
<p class="MsoNormal">0114 225 4926<u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
<p class="MsoNormal"> <u></u><u></u></p>
</div>
</div>
<p class="MsoNormal">_______________________________________________<br>
ZendTo mailing list<br>
<a href="mailto:ZendTo@zend.to" target="_blank">ZendTo@zend.to</a><br>
<a href="http://jul.es/mailman/listinfo/zendto" target="_blank">http://jul.es/mailman/listinfo/zendto</a><u></u><u></u></p>
</blockquote>
</div>
<p class="MsoNormal"><br clear="all">
<u></u><u></u></p>
<div>
<p class="MsoNormal"><u></u> <u></u></p>
</div>
<p class="MsoNormal">-- <u></u><u></u></p>
<div>
<p class="MsoNormal">Armando Martins<u></u><u></u></p>
</div>
</div>
</div>
</blockquote></div><br clear="all"><div><br></div>-- <br><div dir="ltr" class="gmail_signature">Armando Martins<br></div>