Eduardo
Reputation: 697
How to log the real client IP on embedded Tomcat access log on Spring Boot application with Nginx as reverse proxy?
I have Nginx in front of a Spring Boot 1.3.3 application with Tomcat access log enabled, but the logging always write the proxy IP address (127.0.0.1) instead of the real client IP.
- Is the X-Real-IP header used to get the real client IP?
- Is this header used by tomcat to write the IP address in the access log?
I have this configuration:
application.properties
server.use-forward-headers=true
server.tomcat.internal-proxies=127\\.0\\.0\\.1
server.tomcat.accesslog.enabled=true
Nginx configuration:
location / {
proxy_pass http://127.0.0.1:8091;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header X-Forwarded-Port 443;
proxy_set_header Host $host;
}
Upvotes: 4
Views: 10364
Answers (1)
Nidhi
Reputation: 888
The real client IP is available in $proxy_add_x_forwarded_for variable i.e. X-Forwarded-For header. It will have "," separated entries. The very first value is the real client IP.
To log the real client IP in Tomcat's access logs, modify the pattern value in the AccessLog Valve as:
%{X-Forwarded-For}i %l %u %t "%r" %s %b
Upvotes: 8
Related Questions
- How to access a value defined in the application.properties file in Spring Boot
- How to configure port for a Spring Boot application
- How can I log SQL statements in Spring Boot?
- How to point many paths to proxy server in nginx
- what's wrong with this configuration for nginx as reverse proxy for node.js?
- Express - req.ip returns 127.0.0.1
- Ngnix Jsession changed redirection issue
- getRemoteAddr() behind NginX reverse proxy in Spring MVC app?