Nginx logs local IP address in the access logs


Nginx is logging its IP as a local IP address in the file /log/nginx/*.ssl.access.log.
The customer needs to make it log to the correct external IP address.


To change that, add the following line in your general nginx.conf file's http{}'s section:

log_format main '$http_x_forwarded_for - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent "$http_referer" '
'"$http_user_agent"' ;

The change above is to replace the standard $remote_addr by $http_x_forwarded_for. If you still want to log the connecting IP, you can have your log format this way:

log_format main '$http_x_forwarded_for ($remote_addr) - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent "$http_referer" '
'"$http_user_agent"' ;

After you have done the change, don't forget to add the main keyword at the end of this line somewhere in your config to look like this:

access_log      /var/www/site/logs/access.log main;

This will tell nginx that you're using the custom log format that you created above.


Article by: Isaac Ojeh



Please sign in to leave a comment.