Posts tagged apache
If like me, you use the very useful CloudFlare service to speed up & protect your site(s), you may have noticed that since using CloudFlare, your access logs may seem to have a ton of visits from a very narrow range of IP addresses. This is because CloudFlare acts as a reverse proxy and the IPs you are seeing are from CloudFlare’s network.
This is a bit sucky for analytics since those IPs are not of the actual visitors to your site(s). The original IP is still in the HTTP request headers when CloudFlare is enabled, though, and looks something like this sample request header:
GET /blog/feed/ HTTP/1.0 Host: www.normyee.net Accept-Encoding: gzip CF-Connecting-IP: 126.96.36.199 CF-IPCountry: US X-Forwarded-For: 188.8.131.52 Connection: close Set-Keepalive: 0 Accept: */* From: googlebot(at)googlebot.com User-Agent: Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
CloudFlare inserts a
CF-Connecting-IP header containing the original requester’s IP. In this case, the IP 184.108.40.206 is google’s web crawler paying me a visit, although the request was logged as coming from 220.127.116.11 — one of CloudFlare’s IPs. We of course want the original IP logged, and not CloudFlare’s. Fortunately there are quick solutions for both Apache and WordPress.
For Apache, CloudFlare has an Apache module, mod_cloudflare, which you’ll need to compile from source for your system. You can get more info and instructions here & view the source on github here (it’s linked to from the previous link as well). It’s pretty straightforward, assuming you have shell access and the ability to run apxs (the APache eXtenSion tool).
For WordPress, you can just simply download the CloudFlare WordPress plugin at wordpress.org to get the correct IPs back in WordPress. CloudFlare has a wiki page for the plugin as well, but the WordPress.org plugin page has all the info you need.
Upgraded apache from 2.0.59 to 2.2.8 yesterday and my htaccess rules broke. I searched around & discovered that one of the things that changed with 2.2.x was a renaming of the various apache auth modules. Had to put in the following to my httpd.conf to get things to work again
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authz_user_module modules/mod_authz_user.so
Other than that, everything else was easy breezy.
Never one to leave good enough alone, I configured mod_deflate this evening to squeeze out a little more performance out of the server that hosts this site and a few others. Not like it really needed it bandwidth savings-wise since nothing bandwidth-intensive is hosted on this box (yet), but I’ve always been a bite of an optimization nut and a tweaker. Thankfully tweaking this server is free other than my time.