Proxy HTTP Requests through Nginx to Jetty6 with X-Forwarded-For

One important part of any proxy configuration is logging the correct originating IP address on the final application log to ensure proper analytics and problem determination. Note that at times, it’s very useful to log the proxy or load balancer IP at the application server to determine where an issue may be occurring but for the most part, the original IP address is desired in the application log.

This example is using;

  • Amazon Linux (as of 2012-03)
  • nginx-0.8.54-1.4.amzn1.x86_64
  • jetty6-6.1.14-1.jpp5.noarch from jpackage.org

Perform the following steps:

  1. Install and configure nginx to proxy all requests to localhost port 8080.
  2.        location / {
                    proxy_pass   http://127.0.0.1:8080;
            }
    
  3. Install and configure jetty6, using all default options.
  4. Configure nginx to set the proxy header values for X-Forwarded-For
  5.        location / {
                    proxy_set_header X-Real-IP       $remote_addr;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header Host            $host;
                    proxy_pass   http://127.0.0.1:8080;
            }
    
  6. Configure Jetty to log the X-Forwarded-For IP in /etc/jetty6/jetty.xml under the RequestLog section

  7. ...
    <Set name="LogTimeZone">GMT</Set>
    <Set name="PreferProxiedForAddress">true</Set>
    </New>
    ...

  8. Once that is complete, restart both nginx and jetty to test.
  9. sudo /etc/init.d/nginx restart
    sudo /etc/init.d/jetty6 restart
    

Leave a Reply