About
The users / original IP address of a request is stored in the following headers
- without proxy: X_REAL_IP
- with proxy: x-forwarded-for
With this IP, you can perform geolocalization of your users
X-Forwarded-For
An HTTP reverse proxy uses non-standard headers to inform the upstream server about the user’s IP address and other request properties:
X-Forwarded-For: ipClient, ipProxy1, ipProxy2
X-Real-IP: 12.34.56.78
X-Forwarded-Host: example.com
X-Forwarded-Proto: https
where:
- The X-Forwarded-Proto (XFP) header is a de-facto standard header for identifying the protocol (HTTP or HTTPS) that a client used to connect to your proxy or load balancer.
- x-forwarded-host
Client Restoration
On web server, you can restore the IP in the http log to the client IP (and not to the proxy) via:
- a module of the server 1)
- or by modifying the log format
For instance, with nginx:
- there is the Real Ip module
- or you can change the default log format by replacing remote_addr with http_x_forwarded_for
log_format proxy '$http_x_forwarded_for - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" ""';
access_log /var/log/nginx/access.log proxy;
Documentation
1)
Cloudflare has extended documentation on server module