One important part of any proxy configuration is logging the correct originating IP address on the final application log to ensure proper analytics and problem determination. Note that at times, it’s very useful to log the proxy or load balancer IP at the application server to determine where an issue may be occurring but for the most part, the original IP address is desired in the application log.
This example is using;
- Amazon Linux (as of 2012-03)
- nginx-0.8.54-1.4.amzn1.x86_64
- jetty6-6.1.14-1.jpp5.noarch from jpackage.org
Perform the following steps:
- Install and configure nginx to proxy all requests to localhost port 8080.
- Install and configure jetty6, using all default options.
- Configure nginx to set the proxy header values for X-Forwarded-For
- Configure Jetty to log the X-Forwarded-For IP in /etc/jetty6/jetty.xml under the RequestLog section
- Once that is complete, restart both nginx and jetty to test.
location / {
proxy_pass http://127.0.0.1:8080;
}
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $host;
proxy_pass http://127.0.0.1:8080;
}
...
<Set name="LogTimeZone">GMT</Set>
<Set name="PreferProxiedForAddress">true</Set>
</New>
...
sudo /etc/init.d/nginx restart sudo /etc/init.d/jetty6 restart
Leave a Reply