Skip to main content

Replacing mod_rpaf with mod_remoteip in Apache 2.4



Today I updated Debian to Jessie on my server and found a problem: the mod_rpaf module did not display the correct client ip address, instead ip 127.0.0.1 was displayed when proxying requests from nginx to apache.



The problem is solved very simply: deactivate / delete mod_rpaf and activate mod_remoteip with the command:

  # a2enmod mod_remoteip 

Restart apache . Now open the config file with virtual hosts and for each site we write the following:

  <IfModule remoteip_module>
 RemoteIPHeader X-Forwarded-For
 RemoteIPTrustedProxy 127.0.0.1
 </ IfModule> 

Restart apache again.




How do you rate the article?
Звёзд: 1Звёзд: 2Звёзд: 3Звёзд: 4Звёзд: 5 ( 5 ratings, average: 3.20 out of 5)
Loading...

” 9 Comments “ Replacing mod_rpaf with mod_remoteip in Apache 2.4

  1. But could you describe in more detail the procedure for replacing rpaf with remoteip? What configs to fix, and so on, otherwise I just tried a lot and nothing happens. Thank you in advance!

    1. Location config depends on how you set up sites. But there are only two ways: either virtual servers are registered in the /etc/apache2/apache2.conf file, or in some file in the /etc/sites-available/example.com.conf directory, where example.com corresponds to the domain of the site.

      The remoteip configuration specified in the post, you need to register in the section

        <VirtualHost *: 80>
      
       </ Virtualhost> 

      Installing remoteip is not required, as it is included. You just need to activate.

  2. Unfortunately, the web server was configured by another person, so a little confused. There is a bunch of nginx + apache 2.4.10. Judging by the modules, rpaf was installed and configured, since the problems appeared just after the update to debian 8. remoteip was not installed and had to put it by hand.

    Indeed, configs are separate in / sites-available /

    Apache config: http://pastebin.com/c47s8Zuw
    Nginx config: http://pastebin.com/ebWNS8ME (here it’s like this configuration contains settings for rpaf).

    Tell me how to properly turn off this module (rpaf) and, if possible, tell by config, because I think that there is some kind of conflict between modules.

    1. Mod rpaf is disabled by a2dismod rpaf , then you need to restart apache: service apache2 restart.

      You can then remove it: aptitude remove libapache2-mod-rpaf.

      There are no conflicts in your configs, as well as rpaf settings. Its settings are located in the /etc/apache2/mods-available/rpaf.conf file. It is enough to turn off and the conflict should disappear.

  3. Previously, we used a bunch of IIS + Apache proxy balancer, now we decided to abandon IIS and make a web server + proxy balancer on one Apache service, everything worked out, but the real IP addresses of clients are not transferred to the web application and are displayed as the local Apache address . I ask to help to deal with the problem, here is the apache config:
    https://drive.google.com/open?id=0ByrqLF_MjfmvVVd1QjM2TjNhd00
    tried to substitute and RemoteIPHeader X-Real-IP and RemoteIPHeader X-Forwarded-For

    1. And what is used as a proxy balancer? I understand that apache is in front of it, like a frontend, right?

      As an option, try to register it:

        RemoteIPHeader X-Client-IP 
      1. as the balancer, the same Apache service is used (web server + proxy balancer), and from this Apache there are already requests for an application within the network. Parameter X-Client-IP also tried. The application is based on Oracle IAS, by the way, another Apache is built inside it. But it doesn’t have anything to do with IP addresses.

        1. Alas, I can hardly help with something in your particular situation. With such a face did not have to. :(

Add a comment

Your email will not be published.