DEV Community

Noriko Yamamoto
Noriko Yamamoto

Posted on

How to write the original IP in the Apache log even via Cloudflare and Google Cloud Load Balancing (GCP LB)

Follow the Cloudflare Document below.

Restoring original visitor IPs: Logging visitor IP addresses with mod_cloudflare
https://support.cloudflare.com/hc/en-us/articles/200170786-Restoring-original-visitor-IPs-Logging-visitor-IP-addresses-with-mod-cloudflare-

And then, Add 35.191.0.0/16 and 130.211.0.0/22 for CloudFlareRemoteIPTrustedProxy.

<IfModule cloudflare_module>
    CloudFlareRemoteIPHeader X-Forwarded-For
    CloudFlareRemoteIPTrustedProxy 35.191.0.0/16
    CloudFlareRemoteIPTrustedProxy 130.211.0.0/22
    CloudFlareRemoteIPTrustedProxy [your load balancer’s IP]
</IfModule>
Enter fullscreen mode Exit fullscreen mode

After restart httpd, You will see the original visitor IPs on your apache access logs.

FYI: GCP Document of External HTTP(S) Load Balancing Source IP addresses
https://cloud.google.com/load-balancing/docs/https#source_ip_addresses

Discussion (0)